Overview

URL 4coresvisual.com.br/ii/toeoispt
IP216.172.172.64
ASNUNIFIEDLAYER-AS-1
Location United States
Report completed2022-10-04 04:58:41 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 4coresvisual.com.br/ii/toeoispt Malware
2022-10-04 2 www.4coresvisual.com.br/ii/toeoispt Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/contact-form-7/includes/css/styl (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-includes/css/dist/block-library/style.min.css?ve (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/creame-whatsapp-me/public/css/jo (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/elementskit-lite/modules/element (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/themes/astra/assets/css/minified/menu-an (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/contact-form-7/includes/js/index (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/NavMenu-Plugin/assets/css/fronte (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/themes/astra/assets/js/minified/style.mi (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/elementskit-lite/libs/framework/ (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/essential-addons-for-elementor-l (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/essential-addons-for-elementor-l (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-includes/js/wp-embed.min.js?ver=5.8.5 Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/clever-mega-menu-for-elementor/a (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/sticky-header-effects-for-elemen (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/creame-whatsapp-me/public/js/joi (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Malware
2022-10-04 2 www.4coresvisual.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/contact-form-7/includes/js/index (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/elementskit-lite/widgets/init/as (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/themes/astra/assets/css/minified/style.m (...) Malware
2022-10-04 2 www.4coresvisual.com.br/wp-content/plugins/elementor/assets/css/frontend-li (...) Malware
mnemonic secure dns
Scan Date Severity Indicator Comment
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed
2022-10-04 2 4coresvisual.com.br Sinkholed


Files

No files detected



Passive DNS (13)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.35
mnemonic passive DNS 4coresvisual.com.br (1) 0 2020-09-03 20:12:53 UTC 2022-10-03 19:59:02 UTC 216.172.172.64 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 34.215.56.181
mnemonic passive DNS www.4coresvisual.com.br (31) 0 2020-09-03 20:12:53 UTC 2022-09-13 12:54:26 UTC 216.172.172.64 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-03 20:08:49 UTC 142.250.74.168
mnemonic passive DNS www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-10-03 22:24:01 UTC 142.250.74.174
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-03 09:10:55 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 216.172.172.64

Date UQ / IDS / BL URL IP
2022-10-10 13:43:16 +0000
0 - 0 - 5 4coresvisual.com.br/ii/tcaguuqsfeuorna 216.172.172.64
2022-10-10 13:41:26 +0000
0 - 0 - 5 4coresvisual.com.br/ii/omeelvasaetmnii 216.172.172.64
2022-10-09 10:02:28 +0000
0 - 0 - 5 4coresvisual.com.br/ii/tcaguuqsfeuorna 216.172.172.64
2022-10-09 10:00:25 +0000
0 - 0 - 5 4coresvisual.com.br/ii/omeelvasaetmnii 216.172.172.64
2022-10-09 09:59:27 +0000
0 - 0 - 5 4coresvisual.com.br/ii/toeoispt 216.172.172.64

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Date UQ / IDS / BL URL IP
2022-11-26 22:52:42 +0000
0 - 0 - 1 wizegate.com/ 162.241.148.206
2022-11-26 22:52:27 +0000
0 - 0 - 1 rosscgeller.com/ 162.241.115.177
2022-11-26 22:49:44 +0000
0 - 0 - 37 lucasartoys.com/ 162.241.85.111
2022-11-26 22:25:24 +0000
0 - 0 - 2 webmail.machunion.com/ 192.232.249.124
2022-11-26 22:15:24 +0000
0 - 0 - 1 costoemart.idmcbc.com/ 192.254.186.142

Last 5 reports on domain: 4coresvisual.com.br

Date UQ / IDS / BL URL IP
2022-10-10 13:43:16 +0000
0 - 0 - 5 4coresvisual.com.br/ii/tcaguuqsfeuorna 216.172.172.64
2022-10-10 13:41:26 +0000
0 - 0 - 5 4coresvisual.com.br/ii/omeelvasaetmnii 216.172.172.64
2022-10-09 10:02:28 +0000
0 - 0 - 5 4coresvisual.com.br/ii/tcaguuqsfeuorna 216.172.172.64
2022-10-09 10:00:25 +0000
0 - 0 - 5 4coresvisual.com.br/ii/omeelvasaetmnii 216.172.172.64
2022-10-09 09:59:27 +0000
0 - 0 - 5 4coresvisual.com.br/ii/toeoispt 216.172.172.64

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-04 05:07:05 +0000
0 - 0 - 90 4coresvisual.com.br/ii/aieunqumicmm 216.172.172.64
2022-10-04 05:06:52 +0000
0 - 0 - 90 4coresvisual.com.br/ii/eefrrerissnautpandper 216.172.172.64
2022-10-04 05:05:37 +0000
0 - 0 - 90 4coresvisual.com.br/ii/aseceeefrs 216.172.172.64
2022-10-04 05:04:09 +0000
0 - 0 - 86 4coresvisual.com.br/ii/dqeiuun 216.172.172.64
2022-10-04 05:03:21 +0000
0 - 0 - 90 4coresvisual.com.br/ii/sauleatmtsimoe 216.172.172.64


JavaScript

Executed Scripts (29)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (54)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 04:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _xLqC2JOj5tLSjCU_4vADCQyM8JEYeK5tIt0pw3rS1-TmJbtH3YVJg==
Age: 686


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13826
Expires: Tue, 04 Oct 2022 08:48:56 GMT
Date: Tue, 04 Oct 2022 04:58:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6DB7CB58DB4002665CBF8FF9070DF95EFD26A7FCF2733C62B47266F80BD7CC85"
Last-Modified: Tue, 04 Oct 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Tue, 04 Oct 2022 10:57:36 GMT
Date: Tue, 04 Oct 2022 04:58:30 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wUiNVPcOXVnxmUoHDxDY6-k2yx7myk-z_mJEzXXEuF5LMPQ6eK4OsA==
age: 84603
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 04:58:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 04:29:33 GMT
Expires: Tue, 04 Oct 2022 05:11:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yURLcwUOhFxYPK9SSQU5ZDfsdnGeu_TZJyrN0KZw1o_d2SSdRtwkKg==
Age: 1738


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /ii/toeoispt HTTP/1.1 
Host: 4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         216.172.172.64
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.4coresvisual.com.br/ii/toeoispt
content-length: 0
date: Tue, 04 Oct 2022 04:58:31 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3987
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 04:58:31 GMT
Last-Modified: Tue, 04 Oct 2022 03:52:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ubppGfyOaDgpGmWLLq6W4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.215.56.181
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1P4/G6TLoiz3jLVeTThySS+YrBQ=

                                        
                                            GET /ii/toeoispt HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.4coresvisual.com.br/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 15363
date: Tue, 04 Oct 2022 04:58:31 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18070), with CRLF, LF line terminators
Size:   15363
Md5:    510f60e31317bfb0d8a3d5f9b731e74e
Sha1:   de02ca79a79b297f0c9a39e2d21f1e2e06543297
Sha256: 85a1c8f25bfeb17e39447107d76dab2b8eb916273bd6cae6bfe8b3281edf28f3

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 04:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-187231437-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 04:58:32 GMT
expires: Tue, 04 Oct 2022 04:58:32 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42383
Md5:    5adaf3a61bf15f705825336d18782420
Sha1:   32e8a531409a57c207130f69b5f7464570b38aa5
Sha256: 6ddd5829dbad40cbe0f00f7640b844ac8211d6b72b0ae921a3fb775e116be372
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 409 Conflict
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
content-length: 83
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   83
Md5:    26267cd8990f15d3bbea71684a6d5995
Sha1:   ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
Sha256: 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7.min.css?ver=2.6.2 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 409 Conflict
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
content-length: 83
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   83
Md5:    26267cd8990f15d3bbea71684a6d5995
Sha1:   ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
Sha256: 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 04:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 31 Oct 2021 19:37:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14560
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (33376)
Size:   14560
Md5:    6ebc7a4d773cb1f29a93f605933fba76
Sha1:   b113ca39afc5fd44cbc06dca58945bb5e9fb771e
Sha256: 7a12133f8cb48c1b5b4631ee9e9a0eebe36bbf2bbe1eb792b0f9fc630c18bd76

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 24 Sep 2022 16:38:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4436
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30283), with no line terminators
Size:   4436
Md5:    c2c381b76f533a3992b1060b1e8275ed
Sha1:   8441603d412df07e265d70d72569bd3ed90c51ee
Sha256: 6b1c02e5f7f5a04d0320c0a69a67651c6c322b81dfcf1ad9ca29e0f7374cf613

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.10 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 24 Sep 2022 16:38:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2462
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6021), with no line terminators
Size:   2462
Md5:    551e7026086fdcb28d300175aa8c7693
Sha1:   24eceb9f59705dfeb90fe92cb59c1dd370de56ff
Sha256: 1562188078829f3f5d710b46ec8ad9cd17b895d1f7b598c5906fa4d26fc15e3c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 24 Sep 2022 16:38:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12538
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   12538
Md5:    9c3f1faefbd8031a9cfd4b9c7b718779
Sha1:   6d9ef394433f1ed1cfaf9081a2396ae2d9413dc2
Sha256: b01d2495d5c65226bd18c6abbaad74ae34a021682225c1c9f9fab5b1f85c753a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=2.6.2 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 26 Dec 2020 11:47:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 468
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3412), with no line terminators
Size:   468
Md5:    f88a6a529851c8ed1ffe2bd83219e490
Sha1:   597ff167b702900ee4473e31e390808b8de95664
Sha256: ae20c6ea52a0534fdda58a7ae13839ac66194434406e00a3bb5f4538f9909886

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 409 Conflict
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
content-length: 83
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   83
Md5:    26267cd8990f15d3bbea71684a6d5995
Sha1:   ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
Sha256: 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/NavMenu-Plugin/assets/css/frontend.min.css?ver=1.1.6 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sun, 25 Oct 2020 01:59:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4904
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4904
Md5:    bed92fedbd698c11023abc4ac693ca88
Sha1:   df95e3ed37d01841b28aea907b15f2c4ccec02b6
Sha256: 426fb18ea25b2b66e6dac7e9140b9268d04191d8d4f3355419e11aacb34b9e1c

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 Oct 2021 19:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2635
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6406), with no line terminators
Size:   2635
Md5:    340db4973d1ee14c5348599f661a3220
Sha1:   d4cf31e2af7774c276d7a883733a8392e232df49
Sha256: 85d0de0d6dbe1f487407829c52413d7e81c7c9ed28bc3ae9079c19303e91f678

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.6.2 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 26 Dec 2020 11:47:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3642
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10594), with no line terminators
Size:   3642
Md5:    5c244ddd3d5b81f943cc06bb3d39eae0
Sha1:   937bc56733f05985e8b6bad6e6ccd11e106c59eb
Sha256: 7f4883c7ab2bb307c921ae27ce4821017e907b8361b421883f61495c40cf9965

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 24 Sep 2022 16:38:20 GMT
accept-ranges: bytes
content-length: 40
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    94d041d462db321cdb888066586f2068
Sha1:   717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
Sha256: b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.3.1 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 24 Sep 2022 16:38:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2938
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8016), with no line terminators
Size:   2938
Md5:    3fb911c81f788558bc6d1107199f3531
Sha1:   6dc32db62563450febea4e0f43b7da34defbb99a
Sha256: 7ac7ac2450edf5bb80788a92c271b0a0e806aacbfd4cced63e941a3035cf43c1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.3.1 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 24 Sep 2022 16:38:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 900
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3432)
Size:   900
Md5:    1e0ef5b4ebd931aecd01564980628978
Sha1:   e618b92e03a6c4bd4abffed22abb1e835c05a601
Sha256: 1deef467f6db854d82e8c6288086664c7cf60a41b18bb7216d63bb83061ba878

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 04 Feb 2021 04:42:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 777
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1391)
Size:   777
Md5:    06ece4d01ee88297957c9f4cdcaa4df5
Sha1:   2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
Sha256: 0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 24 Sep 2022 16:38:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3861
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1577)
Size:   3861
Md5:    0de3f234bf5adf709c64d6a81701e107
Sha1:   ec76e30709d2ac94c86121529768c54b84943872
Sha256: c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/clever-mega-menu-for-elementor/assets/frontend/js/cmm4e.min.js?ver=1.1.2 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 22 Dec 2020 20:03:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1291
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3375)
Size:   1291
Md5:    dd586324689c1fad3eaf1e505a114fc6
Sha1:   4c1a680af19854574c983886689bb60730c6ba34
Sha256: f2b8b0552a361c74f5112e03c6d6ff5fa65fda325ed47479a32115b3e9f631e1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.5.3 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Jul 2022 13:38:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1910
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1910
Md5:    6e5f89bd8a4df07524ba6c6239a56e0c
Sha1:   b861d11b9897ea05a206eb3481b82dd3f885de20
Sha256: 95438bfd71801aadd66418a017d427b8357559c622758d8d39b3bf1d5ebaa09a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.10 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 24 Sep 2022 16:38:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3164
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8029), with no line terminators
Size:   3164
Md5:    3869ce537714e83b37c997801651d389
Sha1:   76a99ced82576cbc7c9c671a2d982aafc7c2b3ec
Sha256: 5904864fb36b5d949dd95c46dc7248b9c6205a7859af0cad5b3a99378b7fb98b

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 Oct 2021 19:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6935
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (16323)
Size:   6935
Md5:    122fe79a1d53d10946cded540d2e219f
Sha1:   6271fdf889afe8a13d7c69efea9b40cbd0d81939
Sha256: 94cb1b0ca86f7f0bb7bcc81b42a06b6199bd37ff77ca88dccf3acc92683f3e24

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 Oct 2021 19:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5243
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15224)
Size:   5243
Md5:    00af0ddf324f69fcb25f0d2e5d08910a
Sha1:   df0379ab0e1b2902957c8aba77f89d88e1239b59
Sha256: f0a06ed3b8d3917b358def04d87668001cd1c6da31a5cb4bb452313feb64a2a7

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 26 Dec 2020 11:46:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4618
Md5:    acdb97105af28a7066790c6748ae2e1e
Sha1:   65794d2c5a9d04f747faf370bc8bacd330e69e5a
Sha256: dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 409 Conflict
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
content-length: 83
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   83
Md5:    26267cd8990f15d3bbea71684a6d5995
Sha1:   ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
Sha256: 769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.7.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 24 Sep 2022 16:38:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   83691
Md5:    226af25c0afd9ff6fed306c6aeb916cf
Sha1:   c8f1eca87e105d95f161507c807de0bb42763e8f
Sha256: 38f6cae42e65e07f74e243348eb9f7c00fbe3694bdfd39a39ad08716b8715358

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 04:41:09 GMT
expires: Tue, 04 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 1043
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /plugins/ua/linkid.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 04:19:06 GMT
expires: Tue, 04 Oct 2022 05:19:06 GMT
cache-control: public, max-age=3600
age: 2366
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1335)
Size:   859
Md5:    904463ce35aee800847ab85ec948aaf6
Sha1:   904e4d2647466c7f7e0f7412019984e3b2ccfb24
Sha256: 057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
                                        
                                            GET /wp-content/uploads/2021/10/cropped-LOgo-4-Cores-32x32.jpg HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Sat, 16 Oct 2021 12:09:50 GMT
accept-ranges: bytes
content-length: 11066
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 32x32, components 3\012- data
Size:   11066
Md5:    261a3e03e7b3998e11ff49a686df7b65
Sha1:   9ca4e76716a6cb5dbf96e9ef402465cac7f608f3
Sha256: 0a00a07011716d33f952fabca4e2607e13ea22e26dbf904896416705405cfb33

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2021/10/cropped-LOgo-4-Cores-192x192.jpg HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Sat, 16 Oct 2021 12:09:50 GMT
accept-ranges: bytes
content-length: 15208
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 192x192, components 3\012- data
Size:   15208
Md5:    bedbfb0cb1c9672183d3fb70f1f731a6
Sha1:   3ae501007a1a7eb1c87e6afabaa3a0ebba6003d4
Sha256: b7940da524fa03fe9317af943bb2ba3fe09cd06a8ed9ba90fea4d1689e6f82c5

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12901
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 04:58:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12901
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 04:58:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:38:28 GMT
age: 22805
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5083
Md5:    34f2dfb2faff276db1d4a57739db2450
Sha1:   f5ce815082043a4efce28fc790ae7d8b3a8531f8
Sha256: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 942
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d0984d7-fe4f-4f96-9f0f-17e0197a5cb6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5857
x-amzn-requestid: 51f3a938-30f6-418e-970b-439bdfbb7c2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHIAIAMF6PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-6d97d5ff3c3589ee1e900a3b;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OModa8qHXEimXsJhr1DiYifYbFLgI-yMvAaKZA2SsRyU1N5CWwoVOg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:16:34 GMT
age: 24119
etag: "1d90e98d3666fc8618130eac15972d3a08addf16"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5857
Md5:    78caa2bb8e856110416bc85ed2420d20
Sha1:   1d90e98d3666fc8618130eac15972d3a08addf16
Sha256: 5175905bdbcd0a325ff666148a77503f14d1922d826ad14a9c3d09846d77dff5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 26053
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 26040
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0001afba-471a-49f7-bb38-3d4741a9581b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9708
x-amzn-requestid: 7cfcaf0d-1663-47d7-b08e-be3d0c39e035
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFjHB5IAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-04c5da1940a620507649b822;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: j6Dmt8fKVZpnIz2xaZxPMgcGiimesfZoXqtMRv7QFt0pH42Dp976jg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:16:17 GMT
age: 24136
etag: "dc7bc4a378c0ddcd81e51046d21ed02b8be11a92"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9708
Md5:    90fead0b9104991552ce689230661d48
Sha1:   dc7bc4a378c0ddcd81e51046d21ed02b8be11a92
Sha256: 94a1a4199f7cb7bc0b48b00aec745e89f2c65dadd905b27879d39347deb44496
                                        
                                            POST /g/collect?v=2&tid=G-B7B3NBP4HB&gtm=2oe9s0&_p=1388900282&cid=757952955.1664859513&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664859512&sct=1&seg=0&dl=https%3A%2F%2Fwww.4coresvisual.com.br%2Fii%2Ftoeoispt&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%204%20Cores%20Visual&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.4coresvisual.com.br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.4coresvisual.com.br
date: Tue, 04 Oct 2022 04:58:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sun, 31 Oct 2021 19:37:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Sat, 24 Sep 2022 16:38:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=2.6.2 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Sat, 26 Dec 2020 11:47:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.5.0 HTTP/1.1 
Host: www.4coresvisual.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.4coresvisual.com.br/ii/toeoispt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.172.172.64
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Wed, 20 Jul 2022 15:19:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 04 Oct 2022 04:58:32 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed