r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 dfb72f04bd7a4410640c0543bb4bd402
SHA1 7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
SHA256 b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16398
Expires: Thu, 24 Nov 2022 11:52:18 GMT
Date: Thu, 24 Nov 2022 07:19:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 770d09773b5f304acf141fd66a4862b4
SHA1 5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
SHA256 c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3089
Cache-Control: max-age=101025
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:00 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:22:45 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash MD5 d130218d0e2841f39c99610fe1a2ab90
SHA1 29fbe1e177ee55c7a61ae0a206afff271cf5f945
SHA256 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 07:17:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 105
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 054ff0d1a0a43f7cb1d78dbd34e27f99
SHA1 3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
SHA256 fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18897
Expires: Thu, 24 Nov 2022 12:33:57 GMT
Date: Thu, 24 Nov 2022 07:19:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash MD5 9ebddc2b260d081ebbefee47c037cb28
SHA1 492bad62a7ca6a74738921ef5ae6f0be5edebf39
SHA256 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tlvwEUrAw2fUs7nwIcHknv+ck9eYc3ig3ov9Px/5nB7RRAzqkhQDm0cK4sHQxLpUBMq7fFAA/1o=
x-amz-request-id: 54DYSF9AYJ6G3QS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 06:43:18 GMT
age: 2142
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:19:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/produtos/
98.142.105.26 200 OK 8.8 kB URL HTTP/1.1 uniaoeucaliptotratado.com/produtos/
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (727), with CRLF, LF line terminators
Hash MD5 bf14220f7f56639af90bbf3e123fe842
SHA1 23298a323d88021fbdeb3bcbe44a58d7863bd4f2
SHA256 96ba969ddc6456f4eaf726748347a0c773d0e6ddb33109a8b079d58a45fa0d28
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /produtos/ HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:00 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-transform
Vary: User-Agent,Accept,Accept-Encoding
Set-Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20; path=/
Content-Encoding: gzip
Content-Length: 8760
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 07:08:53 GMT
cache-control: public,max-age=3600
age: 607
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 eb52164d651f5f45416e873aec29eb04
SHA1 405b29bb7e7cd4367cf82988f8603e53db65f139
SHA256 ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4947
Cache-Control: max-age=97820
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:00 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:29:20 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 dd0dd96ca622aa07354fabdd0da767bf
SHA1 a29eaa02a81dabed2c12be20a89d65a5a0417524
SHA256 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-840881667
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-840881667
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash MD5 0a69525cc0e66c904b859e94204ac568
SHA1 65ed92c8a6101b3c8dd5f1302174c125d2357180
SHA256 ff17c8f763c8188ff08cdc57f29bbfe4b5fe70aeb24e0cdfd642aa23e3465fc1
GET /gtag/js?id=AW-840881667 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 07:19:00 GMT
expires: Thu, 24 Nov 2022 07:19:00 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/plugins/js.js?v=14.0
98.142.105.26 302 Found 238 B URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/js.js?v=14.0
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 2f5a28f419be1c44b71f8d40811a496b
SHA1 b3d7969361349ec0efdfc34b336e1ff722df5749
SHA256 33de87a8e69afdb0dfc71af6ebbe85e342955e50a68fd3cee909d23605987a53
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/js.js?v=14.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:00 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/plugins/js.js?v=14.0
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:00 GMT
Content-Length: 238
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.googletagmanager.com/gtm.js?id=GTM-MDPTM3D
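142.250.74.168 200 OK 472 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MDPTM3D
[Note: the 472 B size and the three hashes on this record are identical to those of the ocsp.pki.goog/gts1c3 response earlier in this capture and do not match the content-length of 37769 in the response headers below; this is likely a reporting artifact, so verify before using these hashes as indicators for gtm.js.]
IP 142.250.74.168:0
Hash MD5 dd0dd96ca622aa07354fabdd0da767bf
SHA1 a29eaa02a81dabed2c12be20a89d65a5a0417524
SHA256 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4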
GET /gtm.js?id=GTM-MDPTM3D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 07:19:00 GMT
expires: Thu, 24 Nov 2022 07:19:00 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37769
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.114.208 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /FpXTBH8TrEKJvzaeFfKqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ph02b0pDVA7fZvs91jwRlA+TG2A=
uniaoeucaliptotratado.com/plugins/style.css?v=14.0
98.142.105.26 302 Found 242 B URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/style.css?v=14.0
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 042967575ff36934123a8b5980373cde
SHA1 081f526d8e1c89e621a6d807bca9605cffd48b52
SHA256 6369b3515b73853c1c8a5a76e5739350188cae6b65f87903afe7c587d90c3f98
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/style.css?v=14.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:01 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/plugins/style.css?v=14.0
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:01 GMT
Content-Length: 242
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/extra/css/bootstrap.css
98.142.105.26 302 Found 241 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/css/bootstrap.css
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 6a13f4393ad15499da909056b98fd089
SHA1 b20438d9dad4cbd76f963212af9be11ec75c823a
SHA256 0344907786a327eb8107307fcb09f5844406ee7afa982cbaadf788f0129fff23
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/css/bootstrap.css HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:01 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/css/bootstrap.css
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:01 GMT
Content-Length: 241
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/plugins/js.js?v=14.0
98.142.105.26 200 OK 95 kB URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/js.js?v=14.0
IP 98.142.105.26:0
File type ASCII text, with very long lines (32038)
Hash MD5 94a3de161cccc393f5dec10cb9467145
SHA1 64fc3e30057fb0e153eb8ffb843d12729c23860c
SHA256 61a0d33c90afb0a64b77ea75b1abd29637ad914a082beb9b5a42ae7e9d32430c
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/js.js?v=14.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:01 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:44:56 GMT
ETag: "4fe00-5873046967a00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:01 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 b75c00c21f5854618bc06d14b8d83c40
SHA1 ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
SHA256 a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2980
Expires: Thu, 24 Nov 2022 08:08:42 GMT
Date: Thu, 24 Nov 2022 07:19:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 b75c00c21f5854618bc06d14b8d83c40
SHA1 ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
SHA256 a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2980
Expires: Thu, 24 Nov 2022 08:08:42 GMT
Date: Thu, 24 Nov 2022 07:19:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 0856fdb55f19f03a1bec38b3d6e0ac77
SHA1 89accd230fba95fe0049678070817b36ead015fa
SHA256 17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rrs7G6Wto6iY0rT6KsKwKAOPJjehXqD0jHZrR_eaiqpepQILFr7Dtw==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:07 GMT
age: 34195
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 af618f978f520f4f15acd660f5e91ad4
SHA1 fcbe3938574e2a3b0d303b7464ae6f414d7dc356
SHA256 6f8c21090c99c98e8ae89f60b1cf1cd882194dc83db96808a0b5bd553ece8a56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9119
x-amzn-requestid: 0321de47-3dae-4ad5-86e7-fd766326c6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClGQWoAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-5bc883d93cedf8ec36517fe3;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gvEmzs6OvdD0s03wFTgS0RYBkikZ9VHk0eOArDVQwZ1vNSMBcJ97mQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
etag: "fcbe3938574e2a3b0d303b7464ae6f414d7dc356"
content-type: image/jpeg
age: 34433
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 1404c6b865808ea73ca5b2062fefecc0
SHA1 c66fd3a955cd81ab93474fb1aabc4c19d5775bcc
SHA256 0a92ca52eff8baa4ba43bdb29008c59bcd37c55e78ac657de25819e980ea8e96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 215b9f9b-4941-4c13-a1d4-6fdc5b453fad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtEkIIAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-27081b9e0dc1de6522299e4e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xr183esurgfu-4jjQtCS5s_np_CtltrPx48zpq-NMwZbcGnAwTxtkg==
via: 1.1 68914922a694954838e87fc9b0aa10fe.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:51:07 GMT
age: 34075
etag: "c66fd3a955cd81ab93474fb1aabc4c19d5775bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 92c78302bcce1568eb6a5563100b932c
SHA1 43d1dec7fc06879988c9c3cadd800cc8145df988
SHA256 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 34270
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 481c033b9ffd030ff0de6e35cf788b47
SHA1 85d3baad9217af2b5d75c019d2ef95dbb919a788
SHA256 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xYCpAPfR8rrHKURifh5EhDmMte-T2EgDeqP5jD24Jb0ICkXcpbnU5Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:30:43 GMT
age: 6499
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1234c13159d1531a698ece38a3bd7ff6
6bd60504d4450a090e6f82d15f2f28b371e4dfcc
488a827d4d2074371860dd556b3611c56a19502d3348e0a7d35c4f7556f63b3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11969
x-amzn-requestid: e7ab6bb2-9bc5-4862-901b-32f18322db46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwBJFkUoAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e93a0-56d902c0481eef0932dad57c;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:41:52 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zluh8EkvyvbxVT_lmb1uh3eLph9eMUrsuLlwPYAOmP9-sWAhGyxeMw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 34433
etag: "6bd60504d4450a090e6f82d15f2f28b371e4dfcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/extra/css/style.css
98.142.105.26 302 Found 237 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/css/style.css
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f52ccf132e512d107cf1eeca334155ac
47c6123ff68bfad07acbd1ae87eab05be49e5bf0
84292554e73cd25deaa026f3a5d97ad12107e3189cd45c882d0f12ca7942df55
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/css/style.css HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:02 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/css/style.css
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:02 GMT
Content-Length: 237
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/extra/css/style.css
98.142.105.26 200 OK 16 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/css/style.css
IP 98.142.105.26:0
File type ASCII text, with very long lines (360)
Hash 70f862156840f2f7256c5839b29423f2
0cd8e5a7a48d756b5130f8ad0ab888b3fac40d28
82602ebb76260897ef543315fb4867f12938233b74827a4994f70d5fea716e79
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/css/style.css HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:02 GMT
Server: Apache
Last-Modified: Thu, 13 Jun 2019 19:59:10 GMT
ETag: "1651b-58b39f6a1aa75-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 24 Dec 2022 07:19:02 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15559
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/css
uniaoeucaliptotratado.com/extra/css/bootstrap.css
98.142.105.26 200 OK 21 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/css/bootstrap.css
IP 98.142.105.26:0
File type ASCII text, with very long lines (540)
Hash 3441d50cfdb62a6bdc3ec77a300b527c
06f136152c8a46345e8a5d36a09128340a712d01
5f051b91ed96ed962b5ef8a5403fa1387c783b7cccad3d678bb3f2fd5db77af2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/css/bootstrap.css HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:02 GMT
Server: Apache
Last-Modified: Wed, 12 Jun 2019 11:08:38 GMT
ETag: "21d19-58b1e6f70e8f3-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 24 Dec 2022 07:19:02 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21050
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css
uniaoeucaliptotratado.com/plugins/style.css?v=14.0
98.142.105.26 200 OK 43 kB URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/style.css?v=14.0
IP 98.142.105.26:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ae0c86a80e1869fd74edc59e05f682b8
c2bf92d41fd46dbe39fd743c759cc825e1c70e96
f8831d935f71aa17ffa47e07b848de2cf62367c579961b79dcc98434c6fa0dd5
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/style.css?v=14.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:02 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:44:56 GMT
ETag: "3e522-58730469857a9-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 24 Dec 2022 07:19:02 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 43265
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css
uniaoeucaliptotratado.com/extra/images/ecorecycling-logo-main.png
98.142.105.26 302 Found 257 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/ecorecycling-logo-main.png
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0c3a33bf21c3f10b5b0d554e36266b18
325711203e3eeb43a7ef82d8e627ccb49628af5c
fe491e22c716b2eb010f15df8c97eb977830af5676b00f0c6dbf212fe51cef32
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/ecorecycling-logo-main.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/images/ecorecycling-logo-main.png
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 257
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/extra/images/banner_es.jpg
98.142.105.26 302 Found 244 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_es.jpg
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7abd4e85d350969b690be93ac7c8cdc1
2d6f586460c4ce6a88fe5f1d4758d276a5634e66
2397756aaa938e42bde568d5cf7727acd5a8815c85b818f787cf2ec4b0d6c0ec
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_es.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/images/banner_es.jpg
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 244
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/extra/images/banner_blog.jpg
98.142.105.26 302 Found 246 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_blog.jpg
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9f83ecd202aa16327098b3f2e0a56162
4a9538da6c402bbf0ecc3c73f5ff196d03e4120c
f8f5f9e1557fb2b0bf19fcf585c57641f4473cbf3f45c7d70309daec90dc4f2e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_blog.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/images/banner_blog.jpg
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 246
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/extra/images/banner_serrada.png
98.142.105.26 302 Found 249 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_serrada.png
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5ebd41a7858523a327cce9748b3f9319
84e120399798f0bc07956f2460fb36f1bb093895
d7024dd8ca87178c926b0214b540e83b026b53aefcbaf2c2be6c43e19f77fffa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_serrada.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/images/banner_serrada.png
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 249
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/web/img/outros/carregando/loader.gif
98.142.105.26 302 Found 254 B URL HTTP/1.1 uniaoeucaliptotratado.com/web/img/outros/carregando/loader.gif
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 526a3cc490a2cb5eddf763280b9656b9
4cdd5e40499affd70011d982a971d9a1b85422b0
cb959390dad3b97cd6e38398678d9c33b2e3a9830124d4898957d332c9f24cbb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/img/outros/carregando/loader.gif HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/web/img/outros/carregando/loader.gif
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 254
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uniaoeucaliptotratado.com/extra/images/logo_uniao_madeiras.png
98.142.105.26 302 Found 254 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/logo_uniao_madeiras.png
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4e230e0f695afb89ee06395855c35aee
ac665bc8629acf7723eaf9be562dc567c811fc2d
a7b88fcc750373f512d83219222a3766654b84fc1522f88ceecf88b76a724daa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/logo_uniao_madeiras.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/images/logo_uniao_madeiras.png
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 254
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15556, version 1.6554\012- data
Hash 4c9a4bc2b383253d953bad3699c3ab1b
ec2590bc030c185025fbc09afe2f268af6e38985
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
GET /s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15556
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:25:15 GMT
expires: Wed, 22 Nov 2023 01:25:15 GMT
cache-control: public, max-age=31536000
age: 194028
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v10/BObL_3V2WX-YniTOi4CsnvesZW2xOQ-xsNqO47m55DA.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v10/BObL_3V2WX-YniTOi4CsnvesZW2xOQ-xsNqO47m55DA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16216, version 2.0\012- data
Hash cc1b1c45f828261a1879594d00c35f01
a78271bfabb536f3453d9ff8109d1140e63349cc
5527dccae6db8d6434359c94cdfe4684d674edca48f7502e6868d3c4a6b33b14
GET /s/oswald/v10/BObL_3V2WX-YniTOi4CsnvesZW2xOQ-xsNqO47m55DA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:43:09 GMT
expires: Thu, 23 Nov 2023 08:43:09 GMT
cache-control: public, max-age=31536000
age: 81354
last-modified: Mon, 06 Oct 2014 20:40:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/web/img/outros/input/bg-input.png
98.142.105.26 200 OK 163 B URL HTTP/1.1 uniaoeucaliptotratado.com/web/img/outros/input/bg-input.png
IP 98.142.105.26:0
File type PNG image data, 1 x 50, 1-bit colormap, non-interlaced\012- data
Hash 444ac600c9213b838c7fd44723fe4c99
afbd984bb045cbeced4c6fa93f2629a7b02bec29
08acf5ac072cd7550d7d6e59fa0ce570b516347c52d03648985f506e0fc9c41a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/img/outros/input/bg-input.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/plugins/style.css?v=14.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:34:58 GMT
ETag: "a3-587302300baee"
Accept-Ranges: bytes
Content-Length: 163
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6163
Cache-Control: max-age=118091
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:03 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 16:07:14 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uniaoeucaliptotratado.com/extra/images/banner_capelinha.jpg
98.142.105.26 302 Found 251 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_capelinha.jpg
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb7ed7f6ad071ec537ee1ea13396713f
29a3d3f123473cc19a91cbd93d85bd27af7ecd08
f3cbab4b839fd208b21863a30b8ef6e7b9ef484fcb46fe12053a5ccd735c2de0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_capelinha.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/images/banner_capelinha.jpg
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 251
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/extra/images/botao-orcamento.png
98.142.105.26 302 Found 250 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/botao-orcamento.png
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3bfd32544998f7cb4e23710b6250c727
269e9bda4749a0df8f64533d9d2d1f8f4269338c
598c02ad5e394084a10a5ee7cbe5ec39296507a08907a20eef53fe6b371487d9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/botao-orcamento.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/produtos/
Cookie: PHPSESSID=v8un67qeqna2gtss3q99ncad20
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/extra/images/botao-orcamento.png
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Content-Length: 250
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
uniaoeucaliptotratado.com/extra/images/ecorecycling-logo-main.png
98.142.105.26 200 OK 32 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/ecorecycling-logo-main.png
IP 98.142.105.26:0
File type PNG image data, 380 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash a41125eb64752ab8555b46c97fd5284e
ac13630fd5718264f58a49500483e9253772827a
a66a12d08e9290ec669d47cb0bf3ce7a241f45c239bd7361157ce34e22c8a7b7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/ecorecycling-logo-main.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:08:57 GMT
ETag: "7b91-5872fc5f2ae69"
Accept-Ranges: bytes
Content-Length: 31633
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png
uniaoeucaliptotratado.com/extra/images/fundo_orcamento.jpg
98.142.105.26 200 OK 87 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/fundo_orcamento.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x800, components 3\012- data
Hash 5f526387cf58fdf1e021d6e851dcb36f
9030cd1dac3678d09e96db08ac79abc5c734971f
aa4116bef915a2adf4934ce18e22e3bbbe7dd76594a691414ce96cbc3f3218a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/fundo_orcamento.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/extra/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:09:01 GMT
ETag: "153c4-5872fc6290fa0"
Accept-Ranges: bytes
Content-Length: 86980
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6163
Cache-Control: max-age=118091
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:03 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 16:07:14 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: bP7Hn62kFAjWr7jSa5xbIHjvtrymCc5+/BWiU8jmZWvoE9UNywvxV+fazhrnkAfvO75toNN1+8hqwJRQpK4bpw==
content-length: 1657
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 8.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (9885)
Hash 71e8e93b5e55f2010013b0814f4e3ae5
4732ba3acc539a0e9ff12d08c1b5a16f535bd594
b710ea52f812ac39c5195f0c170142bfcfcc274aa6b250a29a1ed1c59ea58556
GET /rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 06:00:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cejpO15V8gEAE7CBT0465Q==
x-fb-debug: xNMEqKRDVj4teeU86xWeHc2BjalvsIzrBQO4fCwNFQyUX+dAMJVUEeAzoWGJck1J2GJpMFWKQZC84kS2UsASGg==
priority: u=3,i
content-length: 8748
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (42048)
Hash 3051900d03a657ddbbc9afa8ac11cdbd
557f26734897e137a6678f6d2a81672fc6a34ad2
038035ce01be57324c7e251c8834229b4910f27e3a042912fd7276947e5750df
GET /rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:32:37 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: MFGQDQOmV927ya+orBHNvQ==
x-fb-debug: bYJtwnmxjXNN/5yVzx0xIPOgUd6Q8v8AOjtZxr+sBc5dyqixEfG4vUGd0PG5yIVM8WsyOnRU3pNCX33EeE2n6Q==
content-length: 23455
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 3.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (3040)
Hash 67341f39b2ce247e697a10779f128a4d
f02c4778acb39deb48e616259ba730fd59a19fc3
7e7f121969a70cc7962e6b31531a1afca8d5492879b9b52291b2c8014ca0bf76
GET /rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 18:25:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZzQfObLOJH5pehB3nxKKTQ==
x-fb-debug: xXc3tB6KW2GlKJu1jGtCJl1gxVhj5AQ85x7wZ7SmqXL5xeWj0x3cQ1IVai2V73sS60cXq/nCIPlGg6/Y4DvsgA==
priority: u=3,i
content-length: 3399
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 06:18:30 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: DZhU5MwmbbIIVGRdiUxU0LCjP+Pg/Lu5l9kyPRqKLtZFG3Mdj7yoWkGHBpn/J6Hl6OgtOkcrGjypCwpY1KmM2A==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/web/img/outros/carregando/loader.gif
98.142.105.26 200 OK 4.2 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/img/outros/carregando/loader.gif
IP 98.142.105.26:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash e4234472afb925ddb203ad99cb2ec0b0
385550a74827324c3cd787275290e96311dfc8fb
4dc14fe5df68d2ae899e237faf9264d6df02605dd655368cb856cd6ce75c7573
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/img/outros/carregando/loader.gif HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:34:48 GMT
ETag: "1050-58730225daad2"
Accept-Ranges: bytes
Content-Length: 4176
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/gif
static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2905)
Hash 7734711815478192096a4df90abbfa01
ea16129c6f54227d9d01bf3421e68863e75ffd7a
22cf4b88ca3b9208f44974e02dc6f784021871877121c7d03b310d7264ced0e3
GET /rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 06:17:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dzRxGBVHgZIJak35Crv6AQ==
x-fb-debug: NPG7cUx7io88tftsvvRij0CszNI0CPq7sIm2xUD4riF1w4KATain+ASLapi2Soo40inw5jzizwlumjWHHhA6UQ==
content-length: 8360
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 19 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (8606)
Hash eab4d9652bb152973a26936fc85f09f5
756a00cb73057d7aebf869b203663a635de8e74a
01cf1611e7f1431f2532cea3c2377f5b56ce369beb6ab0fdf7c0cb22d8a8fa3d
GET /rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 18 Nov 2023 18:11:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 6rTZZSuxUpc6JpNvyF8J9Q==
x-fb-debug: 6BP43DwxvmnnXp3/xPhUVF/rUq8GjhPjTykhFiLTAwXeEEce/8ohn5u4ETUwJ+afNJfIs3CFPNtOCn5Dj0vG8w==
priority: u=3,i
content-length: 19088
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ivrH4/yL/l/en_US/A20WKj-I0um.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 80 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ivrH4/yL/l/en_US/A20WKj-I0um.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5723)
Hash 1ed8efd70628a27649bb3fcd4f0d377c
30a470635cba3637fb56ddcdd70708557777e869
6d897123b13c29f6e3ae516fc1ad3028a08c75f9a35368733b58eb3905d9d75c
GET /rsrc.php/v3ivrH4/yL/l/en_US/A20WKj-I0um.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 21:08:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Htjv1wYoonZJuz/NTw03fA==
x-fb-debug: bzF9BqaBsj2Omywi0XxMoQLxgSMONnYUtMS9WLpILZ+1ct0+Mxnv2uua1Tfdlu0o/UUGOq1H/1bmsEgBz1YlcA==
priority: u=3,i
content-length: 79543
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/qnSc4RA_g8a.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 1.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/qnSc4RA_g8a.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (866)
Hash 1860620e865f29d283c8ffe6fa0a52e6
96d773fa4f51e11d3ba07a4ee96cae87f1fd8a6b
b0db87bd4d691eaa04c729d02ea8c1be9db56bcd9d35fbf787ae06b6f4a297b8
GET /rsrc.php/v3/yJ/r/qnSc4RA_g8a.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 20 Nov 2023 17:50:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GGBiDoZfKdKDyP/m+gpS5g==
x-fb-debug: enRBDeuIuOzHda+T6ZKAtlVW1powkVjpEGI4tmtPXoq+kOtT/XNVsZ/TBVMDBMGmdPvJZcnrT33NJSbOD2lBGA==
priority: u=3,i
content-length: 1022
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 232 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
Hash 9e9f7c79f2773bb18cf6ce4cdfa368ef
670d1cdcbdea9485d6a19b67e12f247a19cab3ec
bf3e32d807092fa60d6a1cecb6b4d80ce20f1ce7b715a34707184bd31016e189
GET /rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: np98efJ3O7GM9s5M36No7w==
expires: Sat, 18 Nov 2023 18:13:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: OTJO0QHdGXUQSkwcHymbqZtqKNwGuLcLhLYkg2ntQFlwjeXe3K8TvOpehxKFtbmvzm5HuB07PtqOvV3legsIsA==
priority: u=3,i
content-length: 232
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yP/r/UDmYwShqrj4.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 6.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yP/r/UDmYwShqrj4.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4488)
Hash e1fd0906cb6f69a93c5a8d63a103bd5b
e0eae24eee2fdffa9675690d7afb66206ac58bf2
a0e3ab716081eba89c66fcac1803018b9ab26945db58bcd48eec34f0a5ad2d5c
GET /rsrc.php/v3/yP/r/UDmYwShqrj4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 18:15:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4f0JBstvaak8Wo1joQO9Ww==
x-fb-debug: K4sMxFzRJ6uBKLjwtnYv3PHD7nca3WG371ClCTTGiQNIT69yg14hM933k2CEW8bCLgmkvwrzFTidKg0FGWhCPg==
priority: u=3,i
content-length: 6378
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4057)
Hash 571700b5a1e8db88d5d79007a910b962
07102cc5f2b19f190830664e1ec6718efb33c011
ecccefedaf39e094079b22880aba987993015fbf1b70fd3c63bc57dc10685f11
GET /rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 06:04:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VxcAtaHo24jV15AHqRC5Yg==
x-fb-debug: NT+M5oXO8pwkIMnEqGwapf+WVRORcDdI9fHky/3paBQ/wwz6CTFWuVr8ViFofTrTwDWDAUG1I14mocRnBu+xzA==
content-length: 7238
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (10494)
Hash 092b5c28d77f2d11674919ed34ea81a0
4c4f97066f7b733e29643697757417a0e2bee99d
1533d3e4e835168cd2456621fe6cf46db9255586262b7703b182155fa90e33d7
GET /rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 16 Nov 2023 23:29:02 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CStcKNd/LRFnSRntNOqBoA==
x-fb-debug: yJCEkZ80cU8IKuvrUr4gjhyiwvMADyZ34gwf/JrGP0B3pcOOqAAdaCdnxsuzsj7MTwccOv3ZSXqhPbnGBk/0eQ==
priority: u=3,i
content-length: 5016
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yk/r/lNQKzORH_3o.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 7.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yk/r/lNQKzORH_3o.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4643)
Hash 3d04fb0bfeec2de76f7a043b3c9d381d
42f49d096e57efaf7d7fe8332d40c4c72da97f7e
81b535cf6d8acd9c9841ae1fc8750ef9c4ee0892e11ed6edb30747f9a4b5d3d2
GET /rsrc.php/v3/yk/r/lNQKzORH_3o.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 18:09:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PQT7C/7sLedvegQ7PJ04HQ==
x-fb-debug: ww0Xi9Utahc6hfg2xq/bjaIJgBYj5x/K092WWy7BPcHdcUiu+01AuLYO0MegWkvHa7KEuokuXE+PYXbytro7RQ==
priority: u=3,i
content-length: 7564
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yr/r/8GBY6WcEO-y.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 15 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yr/r/8GBY6WcEO-y.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (56522)
Hash 9be66ca068832ec5c575ac6d6d9b6923
bdcbbf3bff75f58bcafb6e4179595f591dc99d32
b8ddffea993cce43fcfd1fd109cf6ccedd74a1774aef19b16bf982c5856c537f
GET /rsrc.php/v3/yr/r/8GBY6WcEO-y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:57:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: m+ZsoGiDLsXFdaxtbZtpIw==
x-fb-debug: BDln0xwr3H7dJpfLI9elWHG5jeqCNo10TyGs3VT58SA2Vtzm1QmBo/AJn9LE/hKfnRN6w5VMRa7DqhS5BCjqlw==
content-length: 15217
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/extra/images/banner_capelinha.jpg
98.142.105.26 200 OK 18 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_capelinha.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash bf38f20c0226b155db5805d313503ee5
54788b3ae2aaf1e5ce9e5c97819b910e30688455
07a8c7584176ce9a4ebc64bc4b20d77ae7d74d5f096a7da2bd86e7eb15a4a971
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_capelinha.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:22 GMT
ETag: "46f2-58b01551aa1c7"
Accept-Ranges: bytes
Content-Length: 18162
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
static.xx.fbcdn.net/rsrc.php/v3/yH/r/9ofdOTrimPg.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 48 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/9ofdOTrimPg.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (5068)
Hash e5396e537f790a057e686148c619bff1
510736e3853128533f5a2ff8c39d95d0158f7e06
122a8b1ef657fe42bbbefb88f7145c49071418626de029c63c0fa00674339f63
GET /rsrc.php/v3/yH/r/9ofdOTrimPg.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 16 Nov 2023 23:58:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5TluU395CgV+aGFIxhm/8Q==
x-fb-debug: oZ4fFwQTzmD0m045IPJ2S5ta5BWpwHWTSNi/sdrsWoD0c4eQpre7yDx5nJrVBFmMJdaYSXbm1opsYMQfqWMAsQ==
content-length: 48023
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/Z8HwmBQAssQ.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 4.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/Z8HwmBQAssQ.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4431)
Hash b113b03774dd681750e13a29e21bb731
7f04db6a230a826eecad3667b4e770b9e72ec31e
193918cbf46245338989996fcd9c0e76f0625e1a39f5ba648a2fac2960a1b16c
GET /rsrc.php/v3/yB/l/0,cross/Z8HwmBQAssQ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 18:25:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: sROwN3TdaBdQ4Top4hu3MQ==
x-fb-debug: 2+7xHS/eDx07NmhPNkyywIjCCVloU4QlzRZJJgKsbCgCjIDfHNXfHrBmU+/Xx8tnlHsCvyab2/94fUDvDqkzFw==
priority: u=3,i
content-length: 4377
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:38:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: wiiQpSv+hINmxdmDh50qRYLH0Cc0/G7L/Ii7uM69ujJ9255olUBP7wXxq1ttCrD/GuMczOSWMrxFCttWIBEa7Q==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/extra/images/botao-orcamento.png
98.142.105.26 200 OK 32 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/botao-orcamento.png
IP 98.142.105.26:0
File type PNG image data, 500 x 150, 8-bit colormap, non-interlaced\012- data
Hash 2bf85c7707a721ddfb45c52f49afca95
11d40b46e2d5243b11b9cc17d7f373cd4320172b
1c45876a76bf3167a840432bc61940c44988b9c08fa383603200ea94c7c0d30d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/botao-orcamento.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:30 GMT
ETag: "7dc1-58b01558f0d14"
Accept-Ranges: bytes
Content-Length: 32193
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: image/png
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (8741)
Hash dfb29285817fca7b068ba0ec98aa2392
78cd49585da28a245a096781c8e0fada59cf2b72
2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: W8oNQ20RRci19DZRKo9uDRApdh+0a2rAY6qTH85H4Hi9P5kV6tLh8k37VYg3Sb5ZwVDl6wz3D24n8ZMMRcEPrQ==
content-length: 16262
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 6.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (8976)
Hash f18f13f03eb9d52cf83c0aded64079c1
179fdcc3bd0003cfcce42e26e8660556a6dc7c8d
eb3454aa82bab984d96df0c169a4d2fcc20b98d50f2b96eef42452aa1f139d54
GET /rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 16 Nov 2023 23:36:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 8Y8T8D651Sz4PAre1kB5wQ==
x-fb-debug: 6mVzSiW1+qxy9Pd4znpiLSbKy93RfisZKQ+fZjUnG6018gzCui12zJ+Z6yJqMNBbqoij6nSriR7D/cVDCaR/6w==
priority: u=2
content-length: 6445
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:03 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/extra/images/logo_uniao_madeiras.png
98.142.105.26 200 OK 10 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/logo_uniao_madeiras.png
IP 98.142.105.26:0
File type PNG image data, 418 x 120, 8-bit colormap, non-interlaced\012- data
Hash d8472892cab5f6e377c5f8b0d25ab8a3
7d8457f5d8de15f373a3ac40584856cdd5dfc864
e57c8360e839181af1be6900c85afbbd0ed8692011db24e88919bdedcb7842bc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/logo_uniao_madeiras.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:16 GMT
ETag: "27c8-58b0154c3013a"
Accept-Ranges: bytes
Content-Length: 10184
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png
uniaoeucaliptotratado.com/extra/images/banner_blog.jpg
98.142.105.26 200 OK 18 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_blog.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 66647e0d1bc048b50a6bf5c33e5e55c8
9cee2df8c5d64fc51694d8b3595e191ac65cf457
b3c1ba35c1de0cc70ea708a6be86607ecea5d58c87f990a8a821c27a565e5931
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_blog.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:20 GMT
ETag: "46c5-58b0154f62e2e"
Accept-Ranges: bytes
Content-Length: 18117
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/extra/images/banner_serrada.png
98.142.105.26 200 OK 15 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_serrada.png
IP 98.142.105.26:0
File type PNG image data, 300 x 200, 8-bit colormap, non-interlaced\012- data
Hash 6ec0eff21cb12696f0127ab8a2a1d81e
0fd7e02c160eaac84020f5951c7b13bc155f4104
d81c27fb7b8b0c296bbfe65017c7c7e40963116366931174983854fb1ba7c54f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_serrada.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:27 GMT
ETag: "3b4a-58b015562f48a"
Accept-Ranges: bytes
Content-Length: 15178
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png
157.240.200.14 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png
IP 157.240.200.14:0
File type PNG image data, 65 x 730, 8-bit colormap, non-interlaced\012- data
Hash bb29fc0ca834dad745632b7ba95e8806
221166c768156576b20ad65a7a3021a701da75f4
55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3
GET /rsrc.php/v3/y0/r/ksSG7BCGzVy.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uyn8DKg02tdFYyt7qV6IBg==
expires: Mon, 13 Nov 2023 06:11:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: omrt0rVfHIX3Eoa1QgV75onjkjULJh6CSIwF6D6NGMTO6R4rVEUTaQTl5fkwBuXTBLCM7hJ4WfVNPqdImolAyQ==
content-length: 12111
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 07:19:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 06:41:08 GMT
expires: Thu, 24 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 2276
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/840881667/?random=1669274340753&cv=11&fst=1669274340753&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&auid=687505333.1669274341&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 935 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/840881667/?random=1669274340753&cv=11&fst=1669274340753&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&auid=687505333.1669274341&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1995), with no line terminators
Hash 88e239ccd2df6eb0c608e895d5b5dd0d
a317a6e20828bbc6c0087c38b7da9c584fe51d1a
c6da2cca5ddfb31d5cb5acb78853b78a45ff950ba6a4f7200d8aaff3411dce78
GET /pagead/viewthroughconversion/840881667/?random=1669274340753&cv=11&fst=1669274340753&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&auid=687505333.1669274341&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 07:19:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 935
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 07:34:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff?v=4.7.0
98.142.105.26 200 OK 8.1 kB URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff?v=4.7.0
IP 98.142.105.26:0
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash 0e536824ddbbd1d04a143542e491a15c
b85eae22c6d0c675e1deb980171633bce4ba5dd8
67228ccdff2a6bf8eab1f55c1298f54d7a4da4c0ccb2d4fe59af87873a6b0867
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff?v=4.7.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:04 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:14:19 GMT
ETag: "17ee8-5872fd91feecd"
Accept-Ranges: bytes
Content-Length: 98024
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:04 GMT
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: font/woff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/840881667/?random=1669274340753&cv=11&fst=1669273200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=980409514&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/840881667/?random=1669274340753&cv=11&fst=1669273200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=980409514&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/840881667/?random=1669274340753&cv=11&fst=1669273200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=980409514&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 07:19:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/840881667/?random=1669274340753&cv=11&fst=1669273200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=980409514&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/840881667/?random=1669274340753&cv=11&fst=1669273200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=980409514&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/840881667/?random=1669274340753&cv=11&fst=1669273200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Funiaoeucaliptotratado.com%2Fprodutos%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=980409514&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 07:19:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:19:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71208931-1&cid=770444151.1669274344&jid=978970740&gjid=1032675311&_gid=384270411.1669274344&_u=IEBAAEAAAAAAACAAI~&z=1327432537
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71208931-1&cid=770444151.1669274344&jid=978970740&gjid=1032675311&_gid=384270411.1669274344&_u=IEBAAEAAAAAAACAAI~&z=1327432537
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71208931-1&cid=770444151.1669274344&jid=978970740&gjid=1032675311&_gid=384270411.1669274344&_u=IEBAAEAAAAAAACAAI~&z=1327432537 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://uniaoeucaliptotratado.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 07:19:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/web/fotos/configs_6__uniaoeucaliptotratado.com_zz39ad4f3fbb.png
98.142.105.26 200 OK 6.9 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/configs_6__uniaoeucaliptotratado.com_zz39ad4f3fbb.png
IP 98.142.105.26:0
File type PNG image data, 73 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ff63b213d09ed53ba7e87fb7dfb609f
8c95b2d5d861d245dbfcaa1a951c45d0dc2b739f
58a525d177cfd4b346dc745d69be50635615ee0ffdeb4ee33cab205240a4ba7d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/configs_6__uniaoeucaliptotratado.com_zz39ad4f3fbb.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:04 GMT
Server: Apache
Last-Modified: Mon, 10 Jun 2019 12:52:38 GMT
ETag: "1ac5-58af7a7ab547b"
Accept-Ranges: bytes
Content-Length: 6853
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:04 GMT
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: image/png
uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.ttf?v=4.7.0
98.142.105.26 200 OK 8.8 kB URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.ttf?v=4.7.0
IP 98.142.105.26:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (819), with CRLF, LF line terminators
Hash bfed80c492cee8873aea94d356dccbdb
8d4ffb1cf677adc1a9a18116b26b57db27732789
43c171bd36b9fa83947a37a3f9e6d018dd8469ba2e7f05e1e6e84b1d62289215
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/Fonts/Fonts_Faa/fontawesome/webfont.ttf?v=4.7.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:04 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-transform
Vary: User-Agent,Accept,Accept-Encoding
Set-Cookie: PHPSESSID=phlcp8drtts830d2deqa74a8e7; path=/
Content-Encoding: gzip
Content-Length: 8792
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff2?v=4.7.0
98.142.105.26 200 OK 0 B URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff2?v=4.7.0
IP 98.142.105.26:0
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff2?v=4.7.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:14:19 GMT
ETag: "12d68-5872fd92194a8"
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 07:19:03 GMT
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: font/woff2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Funiaoeucaliptotratado%2F&tabs&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
157.240.200.35 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Funiaoeucaliptotratado%2F&tabs&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
IP 157.240.200.35:0
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Funiaoeucaliptotratado%2F&tabs&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://uniaoeucaliptotratado.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: cLCFIuATkzG58l7s5La0i6q9QAKrtksSf+Dd/5J+KvcgE6rQSkwseJqEJAG5jw6xEtAgaIwpq39EIIpBvNomPQ==
date: Thu, 24 Nov 2022 07:19:03 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/extra/images/banner_es.jpg
98.142.105.26 200 OK 0 B URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_es.jpg
IP 98.142.105.26:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_es.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://uniaoeucaliptotratado.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:19:03 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:24 GMT
ETag: "5257-58b015539e937"
Accept-Ranges: bytes
Content-Length: 21079
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 07:19:03 GMT
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/jpeg