Overview

URL palmitosicoaraci.com.br/bofA/login.php
IP 172.106.0.110
ASN AS40676
Location United States
Report completed 2022-09-16 02:15:14 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-16 2 palmitosicoaraci.com.br/bofA/login.php Phishing
2022-09-16 2 palmitosicoaraci.com.br/_cdn/workcontrol.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/scripts.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/js/main.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/_cdn/jquery.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js Phishing
2022-09-16 2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-boo (...) Phishing
2022-09-16 2 palmitosicoaraci.com.br/bofA/login.php Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-15 05:10:24 UTC 104.17.24.14
mnemonic passive DNS cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2022-09-15 04:51:19 UTC 151.101.85.229
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-15 04:50:45 UTC 69.16.175.10
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-15 05:55:58 UTC 52.41.98.34
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-15 17:07:15 UTC 216.58.211.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-16 00:14:15 UTC 143.204.55.36
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-15 04:50:53 UTC 34.117.237.239
mnemonic passive DNS palmitosicoaraci.com.br (27) 0 2015-02-19 13:38:02 UTC 2022-09-08 01:13:08 UTC 172.106.0.110 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-15 04:47:36 UTC 34.120.237.76
mnemonic passive DNS connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2022-09-15 04:55:12 UTC 31.13.72.12
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-15 04:51:36 UTC 23.36.76.226
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-15 04:51:33 UTC 104.18.21.226
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-15 04:51:27 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-15 04:52:00 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS prism.app-us1.com (1) 8479 2019-01-09 06:40:26 UTC 2022-09-15 13:53:54 UTC 104.17.146.91
mnemonic passive DNS diffuser-cdn.app-us1.com (1) 8451 2019-06-13 03:58:17 UTC 2022-09-15 13:53:54 UTC 104.17.146.91
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-15 05:55:39 UTC 143.204.55.49
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-15 23:57:23 UTC 93.184.220.29


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 172.106.0.110

Date UQ / IDS / BL URL IP
2022-11-08 02:50:23 +0000 0 - 0 - 14 palmitosicoaraci.com.br/T-online 172.106.0.110
2022-09-16 02:15:14 +0000 0 - 0 - 14 palmitosicoaraci.com.br/bofA/login.php 172.106.0.110

Last 5 reports on ASN: AS40676

Date UQ / IDS / BL URL IP
2022-11-28 20:22:11 +0000 0 - 0 - 13 festivevilla.com/Navy/billing.php 210.16.102.57
2022-11-28 20:16:44 +0000 0 - 0 - 12 festivevilla.com/Navy/emailbilling.php 210.16.102.57
2022-11-28 17:31:51 +0000 0 - 0 - 42 festivevilla.com/Navy/card.php 210.16.102.57
2022-11-28 17:31:49 +0000 0 - 0 - 12 festivevilla.com/Navy/emailbilling.php 210.16.102.57
2022-11-28 17:31:23 +0000 0 - 0 - 14 festivevilla.com/Navy/billing.php 210.16.102.57

Last 2 reports on domain: palmitosicoaraci.com.br

Date UQ / IDS / BL URL IP
2022-11-08 02:50:23 +0000 0 - 0 - 14 palmitosicoaraci.com.br/T-online 172.106.0.110
2022-09-16 02:15:14 +0000 0 - 0 - 14 palmitosicoaraci.com.br/bofA/login.php 172.106.0.110

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-08 02:50:23 +0000 0 - 0 - 14 palmitosicoaraci.com.br/T-online 172.106.0.110


JavaScript

Executed Scripts (20)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (65)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 02:10:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 95Hrn8UlBJFncMV8qdb10h3bnO7jG5GktVIbql6pyNr3ZgLaGcq8HQ==
Age: 260


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3578
Expires: Fri, 16 Sep 2022 03:14:41 GMT
Date: Fri, 16 Sep 2022 02:15:03 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k8KZ7e3TiQizT5khwCYsBhthXsV2DuBDpE2VCAU6FncW5vKpnlM6Eg==
age: 77988
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /bofA/login.php HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.106.0.110
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 16 Sep 2022 02:15:01 GMT
server: LiteSpeed
location: https://palmitosicoaraci.com.br/bofA/login.php


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 16 Sep 2022 02:15:03 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 02:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 02:07:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Dcg_fGhofo9h-P991TrRKcPjuFiTmWqb7GfOrEbstM7teoUE9F6LA==
Age: 702


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6441
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 02:15:04 GMT
Last-Modified: Fri, 16 Sep 2022 00:27:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/libs/font-awesome/5.10.0/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 16 Sep 2022 02:15:04 GMT
content-length: 9974
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-dcc5"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8740459
expires: Wed, 06 Sep 2023 02:15:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSwv%2BM5hXwIZz8HCHtNjRKh89jN%2BFoI%2F82qNwyCsBmk5tWDk9qAiY3TAIHhgOEw0yq%2BohZz7i8OVH%2BugK2JdKQj0jb%2BZIZ3kIVYy%2BfjimvDU59rmdZN%2BUiEQ6hZEW2mqxH2kNKdH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b6179cbf3eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (56331)
Size:   9974
Md5:    504d3db17059beb7c9278d8519c94752
Sha1:   291ad53bb1ac4932600bfb4488c56bc55e4db9b1
Sha256: 53ada737b0df4fdeeb9859542a1f458196dec7829cd87b3c9b9d7b0c58ba0310
                                        
                                            GET /npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.4.1
x-jsd-version-type: version
etag: W/"f8b2-v7ZMVELJO4O8jF4rcNGwrm8YAaE"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Sep 2022 02:15:04 GMT
age: 2671658
x-served-by: cache-fra19128-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8844
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8844
Md5:    5813a944575a76776931431ffde6693f
Sha1:   865909634bd204fb4b0c654543fabe87209bdf26
Sha256: 9e3f7c85a1d0099f7f50b05e7e6934129fe6d108d783d34bd599812c53be4eac
                                        
                                            GET /npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.0
x-jsd-version-type: version
etag: W/"13731-2JYXAt9UqpcPHzAIfI0LH2lnx4Q"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Sep 2022 02:15:04 GMT
age: 6298969
x-served-by: cache-fra19167-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22435
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65299)
Size:   22435
Md5:    daa80660d5766073c0be83d6419a3411
Sha1:   1995a34ba3db0fcf5b8bae8b2a1cdd8cbee57e9a
Sha256: 6863336e8f0c91e087d618fb05d13f05894e005447f740b70b084a1426466a32
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 02:15:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 02:15:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3147CAF229D512734A582BBDE18CD81BA4AE47E7"
Expires: Fri, 16 Sep 2022 13:00:00 GMT
Last-Modified: Fri, 16 Sep 2022 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2659
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b6179d0ecab4fd-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    4cc3f4f051bfbb67a8a78b20193c3dd7
Sha1:   0b45b1d884dea5bcd5911f39f815c65bc77ce768
Sha256: 60c52a4568094ee5919e5c8f3e4057b52e387f30b4e025dc5164eafdbc958a6a
                                        
                                            GET /jquery-3.4.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 16 Sep 2022 02:15:04 GMT
content-encoding: gzip
content-length: 30638
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663294504.dop017.sk1.t,1663294504.cds247.sk1.hn,1663294504.cds201.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30638
Md5:    9abb42735168ac9e960b770179b642aa
Sha1:   11475bf8c7244af7a820108b7762e7a3f95aa52c
Sha256: df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
                                        
                                            GET /_cdn/bootcss/reset.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 30 Mar 2021 19:20:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2977
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (331)
Size:   2977
Md5:    f3f53c0d4582e0f26404c3d2a408a101
Sha1:   d389b2a45dd8a24e36a21c8aa74f61138e213751
Sha256: 66358a916a6a4d582580eed5de30019efcaa5a8530429907a23953cc66685102
                                        
                                            GET /_cdn/bootcss/fonticon.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Mon, 18 Sep 2017 09:35:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3634
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3634
Md5:    890bde976fe730a5072539f56195e20d
Sha1:   662dcbbfb48d3318cc493efa5f9a33b3b9c56400
Sha256: b1fd5e950b7dd32537315f7c6e9af24d39e78548e8c586eef32aa76de226dc00
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 02:15:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /themes/pamar/lib/animate/animate.min.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2501
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16755)
Size:   2501
Md5:    8749712e65b163c12306df7f1e7d1261
Sha1:   29347292299cd3a5d207e05c711c66fa20333b96
Sha256: 6042228bdd632754cb22416d37bdc8e8dc62df670899b01b9bd406e442d16441
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X1Fe1N2hLWbLZaDnrfkHjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.98.34
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gKztQ40/XQ5ljIUbdHUdWXhYs3c=

                                        
                                            GET /themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 789
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2846)
Size:   789
Md5:    f28411148e2c4159c779ed6cb9060a03
Sha1:   3e28a7725e7dec0a774b30f749ccc2f4664cc03b
Sha256: 5e569c50803725ebc0c486d05135852e56a7b8b320c9cf6cfe3b201965de0004
                                        
                                            GET /themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1447
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (836)
Size:   1447
Md5:    29842a8c7914e5bcb26c39f8be405856
Sha1:   0ff1fe917ecc77f945f6b59b7a7e15b624b36c7b
Sha256: a80610ce8e9bcb5f8ed5c86a13a5aa384f33943a56358fa4834bf79c1cb10f32
                                        
                                            GET /themes/pamar/css/style.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 23 Aug 2022 19:04:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1580
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1580
Md5:    78ba9e845c33461ec91b5f0a33ebf32f
Sha1:   63450b4b3c5660a41ca2bf019b92e7017ab2e265
Sha256: fe16038bb148d4211839fd72d70e96ed9a6148655124b95c51e1270041fd2e35
                                        
                                            GET /themes/pamar/css/whatsapp.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Wed, 24 Aug 2022 14:48:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1133
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1133
Md5:    985b832ebc38c5e0a3bce4a48ff6695c
Sha1:   ad77e54ba86daa46558e7d3401b48df2d4a0c7b1
Sha256: 51377f27bc6f5c479622cc0dece586601ae7e27a9c4ba340831e9fac24b4c3bf
                                        
                                            GET /_cdn/workcontrol.js HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 04 May 2021 22:30:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1641
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1641
Md5:    e30f7e4b419c12a9e1e75ae21ee90ca0
Sha1:   0a3ad129938333b08a896f144e57cf5629cd6f74
Sha256: cf522c88c50a3d8bdce0fc755277998ebc5e40b8be4d6dfd78a4daa720e206d4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /themes/pamar/scripts.js HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Wed, 24 Aug 2022 14:54:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 521
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   521
Md5:    68c689bae07c6c47593e382c35c12649
Sha1:   46b2254833bbd6d3e01c0ec7668648e107ba8420
Sha256: 586f229a461336e5a4281ef8e1abb082fa977ea90ce9d72aa3942d47dbd01c51

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /themes/pamar/lib/wow/wow.min.js HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2635
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8099)
Size:   2635
Md5:    84bcd002724af2dd2e7cc6247fb84d17
Sha1:   d97b0313077c8a7d904c15342e314804915c099d
Sha256: 2206a94b5dd8138c89e5a30bad50115903e45978323bef0367eca08ac6843559

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /themes/pamar/lib/easing/easing.min.js HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 733
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2301)
Size:   733
Md5:    ebc58a9cdf34a3fb595a609418b88be2
Sha1:   2c6972dc988c4541bd9c61519eaf7ae3f2da39b5
Sha256: 4065193c46b4f3b77d971b12330d77f1b48b5c29755bd814d8ad4cfb36f98356

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /themes/pamar/lib/waypoints/waypoints.min.js HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2592
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8863)
Size:   2592
Md5:    9ac7d06d536f08f1b22abc2e4d53f85a
Sha1:   2f7809be662e8b60690e9c93bc57e46ae06e906c
Sha256: ac26b8d1e1df8be26af42c290e9ecc4bd0afc655f88e6bec2f73e87bf6ca6474

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /themes/pamar/lib/counterup/counterup.min.js HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 908
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2182)
Size:   908
Md5:    de4f314590475ff8b1ec91731b60b304
Sha1:   8d76335b9e0fafb98c18388d2e4e700d87b14550
Sha256: cd9a483551940c95018c6910936cb4a62150ebf2527a4cc1afd24cbf91bdaa55

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /themes/pamar/js/main.js HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 779
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   779
Md5:    1f0033d5ff76c016dd85024a852c767f
Sha1:   2b71cb32c4c38675b3b8aa5973ffc3f111ddf4f3
Sha256: 8781b7452972dc5e78df6d316d823f05e678f991108021d1988febeb0d065653

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6866
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 02:15:05 GMT
Connection: keep-alive

                                        
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aCCBUNe1NErAN4RiVGCdh-sBxSnMm-XfcFzE-h8IcCq6W1Om-UX45g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:46 GMT
age: 16159
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13536
Md5:    512280055633fcce9abc7d11a9816a24
Sha1:   de5c3e010fca76659455a144875a52c25fa72bdd
Sha256: 435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6820
x-amzn-requestid: 3aab395b-9355-4a3a-b033-73420df43ee5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUksFUxoAMFr4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239aea-5be8dbdf57158b0e37ee719f;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I8QSOY13buUN6y89zoSzcjZmV8EygMJUdiPiVouUi4a5LHBJ3AM3wQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:13 GMT
age: 16192
etag: "d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6820
Md5:    6572617127bde36c63aa1163e3352688
Sha1:   d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c
Sha256: 91fdabb99b1317407413b424f50ad025c0578a57d89a0f4c8228d91a36b8e6c0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a0fd33a-4b33-42d9-808a-0df897fbec53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12744
x-amzn-requestid: f5921831-e306-442b-a43f-e4cfc67980aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUj4GlEoAMFxbQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae5-7ae58b110d2dcfb507939612;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WqljQTgz7VGxcX0QOSRkIOBpbhWHvOkqrjJT0XVglVDL5at9IwO1cA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:20:13 GMT
etag: "d36b8ee08a7c5465ac2b0b0810f9dd4ff9dd6cb2"
age: 14092
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12744
Md5:    974f0e1d052879e47d9230adbd2935e4
Sha1:   d36b8ee08a7c5465ac2b0b0810f9dd4ff9dd6cb2
Sha256: eb7d70fc9b159adbbaa96c0ee5d6032bb0839883b950b0d586a300dd1d8348bf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e20b221-cd14-4696-aa45-979946430e9c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8076
x-amzn-requestid: e5521c18-64d3-4f61-8879-3dac61128920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfzqG_hIAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6321467d-009f1413346a7b965d1c65e4;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: B0EwuNcTqD3fO1ap-9g43JVkqrRnFwNuYWB6tPYScB36XkGdXq4pEg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:26:31 GMT
age: 20914
etag: "bcacfdb674bdd90c157f7e97d232c49a4d206004"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8076
Md5:    ab434eb762838f03bf60457b3039c738
Sha1:   bcacfdb674bdd90c157f7e97d232c49a4d206004
Sha256: 9e1e6b832980c9777e3e90a7ff3d84f96d35bbaab808a74343d91cea01aa1d64
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10296
x-amzn-requestid: f3bb82cc-9d5d-4dea-8a22-26b35fe603e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbIRLHBUIAMF7hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632120d4-64832ad820f6aeaf7868495d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 00:31:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mtDiHNtey-YZnI8xoyrMF4vTWWO2DW9VWp1nAHuZFeHhsfGfm_poiA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:53:00 GMT
age: 15725
etag: "2656d1e3e105c1929b18ebf9b00bd603f2f410a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10296
Md5:    252e27665094eccd2f18dfed46d4e871
Sha1:   2656d1e3e105c1929b18ebf9b00bd603f2f410a6
Sha256: ccd05f3e869946687ec611ee0d6c5a118a99f73abb1957c556e346ed522d3088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12123
x-amzn-requestid: b04ac3c4-b4d8-4094-8b7d-bd229bb7d577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb2GvFnEoAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63216a2a-4e5927ac3f1d0b215ce5a8dc;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 05:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1W0Ito5yNmHNxtYBj5jOJQ3Z2OP_Shvhpj94YUDwLHQKzt-zgqjI8A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 03:12:38 GMT
age: 82947
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12123
Md5:    f876cdc19dca10c62d83d19303512c7f
Sha1:   9f812c7bc1b42b0cea3e42694e7d1f6738789770
Sha256: c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
                                        
                                            GET /themes/pamar/images/logo/logo.png HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Wed, 24 Aug 2022 16:50:54 GMT
accept-ranges: bytes
content-length: 52535
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 681 x 235, 8-bit/color RGBA, non-interlaced\012- data
Size:   52535
Md5:    0ff38b50be9c4081036a08240f084e10
Sha1:   b113bf3caef2b4e0aa8144e6bcfc0dba5da80151
Sha256: d4dcef6d5f9143e1ede075805a239b57746dcd550744045fe61e23da4fb3c8d2
                                        
                                            GET /themes/pamar/images/logo/webmail.png HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Wed, 24 Aug 2022 14:27:42 GMT
accept-ranges: bytes
content-length: 17109
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 325 x 326, 8-bit/color RGBA, non-interlaced\012- data
Size:   17109
Md5:    f9bceccef2e7602604af4b53565be874
Sha1:   03a7f99db2f0ba4f4eebaaf7daa38ac5621b3a0f
Sha256: b4dce868297035a5af660a2ce794dcc52e30ef32d9c8f8b4c4e9187cc3a44f3d
                                        
                                            GET /themes/pamar/css/bootstrap.min.css HTTP/1.1 
Host: palmitosicoaraci.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.106.0.110
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20716
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65326)
Size:   20716
Md5:    28440b0d7108ab149ba0758f9d8ee9fa
Sha1:   8a425e3cddf0a03336c8d9d9b4beba400f4e441f
Sha256: c3d353bcb294f127bc81e8ccafe3d9277bc42ca6ae6f5178aeae6b2d3c723c55
                                        
GET /themes/pamar/lib/owlcarousel/owl.carousel.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10649
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32000)
Size:   10649
Md5:    1b649a193df8c648d381cdda8dd268b4
Sha1:   f01dcdb5e3ede69da1d3e8556dcd993f0105b61d
Sha256: dd2f2af9b8d391f704ec91ab6ef3e32ff56afacc88ba92b8a8834ca562de8bcb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /_cdn/jquery.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
last-modified: Sun, 08 Oct 2017 04:53:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32371
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32046)
Size:   32371
Md5:    2f700400f1a3e5f1e01c4ec019de6c13
Sha1:   e278d2d4c8a748218a70c8d00658bead97ffa6bf
Sha256: d54f279c3c1537c9cd32c63ea5f67a116ae28f06b36b15598a2e78a071db4667

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:28:55 GMT
expires: Thu, 14 Sep 2023 19:28:55 GMT
cache-control: public, max-age=31536000
age: 110771
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Size:   34852
Md5:    0e8eefb4549a2edf26c560cb9845952e
Sha1:   8d0b1718aacad934fd0043c87cbc54aa091396bf
Sha256: 7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:29:11 GMT
expires: Thu, 14 Sep 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 110755
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Size:   30480
Md5:    0e7e5f9d3a8ef121149827180b790b5c
Sha1:   0e9f9333078e5df9245630ff6f68ba1d9da3c403
Sha256: e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
                                        
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:36:56 GMT
expires: Wed, 13 Sep 2023 22:36:56 GMT
cache-control: public, max-age=31536000
age: 185890
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Size:   21724
Md5:    c3609c36a150ce088ea4dcab92b7c00b
Sha1:   0c18236a183e962533a4f61bff3ae2581313561a
Sha256: 65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /themes/pamar/lib/tempusdominus/js/moment.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 63743
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   63743
Md5:    7aab21750c3674e928da71c89b8cabb8
Sha1:   92f2139c3717d4cfd19a8186187d5829174ab58c
Sha256: 71384b81fe6bf962fedb07e3fd60d8538996c34b455a7e918a766739da8de73d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FbofA%2Flogin.php HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
104.17.146.91
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 16 Sep 2022 02:15:07 GMT
content-length: 0
cache-control: no-cache, private
set-cookie: prism_799654661=4eff58db-9389-444c-bdc9-fd9a8ba9454f; expires=Sun, 16-Oct-2022 02:15:07 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 51
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b617ac7e58b4fd-OSL
X-Firefox-Spdy: h2

                                        
GET /themes/pamar/lib/tempusdominus/js/moment-timezone.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9061
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32832), with no line terminators
Size:   9061
Md5:    e78d6807d18576999c3f473824a1537b
Sha1:   c47130cc69b3c51ca0c2334257a3644fb70d78ee
Sha256: 3465ac1cc58e51a4fee9856859cc741f320ddac3f7227725c76f4f3e9c3fd5cb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11542
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32032)
Size:   11542
Md5:    f5a4db83231fb90dd2430138551be975
Sha1:   839474798fd1ea078dcf0d9810411285b460ac99
Sha256: b6d7cd25bd81e578b99ec4d6777a08040aeb5d7f2da90bcc654b70d73214f143

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 5813
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 02:15:07 GMT
Last-Modified: Fri, 16 Sep 2022 00:38:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6943113aca490a8a239e9d1d08a4c51c
etag: "dd1f9f751b86a5230b92a45a88f1fe1f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 16 Sep 2022 02:33:55 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: FfxGlWgjv00eHcgvPo9Agw==
x-fb-debug: QcJO1hhh4D9ldaUdJx16tUIf+G3jxqYjRUvD+bGGXutCMzbA442mDxwoDw5KgiFNPwsTzx+jYhWGsPhOR5WTEg==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Fri, 16 Sep 2022 02:15:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1686
Md5:    15fc46956823bf4d1e1dc82f3e8f4083
Sha1:   bbc3833dc052c397f66cbbc1242d7181975872ee
Sha256: 0bac7ca106d0da8888f7445af2e912a159312d9bc3fb081491163801e37967bd
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 5813
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 02:15:07 GMT
Last-Modified: Fri, 16 Sep 2022 00:38:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
GET /pt_BR/sdk.js?hash=be2dd3a28e4d2731d0849c04e860e2ba HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9259b569d669a410ebb1d8db31fe637e
etag: "a0051f4213cb896d367df6b7d028f46b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 16 Sep 2023 02:03:14 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: aGb0X7VIseh05SHAup2vbA==
x-fb-debug: MvfhrnNX6XbTQ/szzu5m5vUbjrApBm7FqshKC3KJfsdDaEWEg2QmVm1s3CLUbDghGjrkz99DlhAioWO0Bwj/xQ==
content-length: 87229
x-fb-trip-id: 1904183273
date: Fri, 16 Sep 2022 02:15:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13264)
Size:   87229
Md5:    6866f45fb548b1e874e521c0ba9daf6c
Sha1:   c317bcbe293add45b67bb94356683f17baf9b840
Sha256: 57ae296e8cffaeb29e70e9a5433f398d490eac7ed464497920ec1a2dd4f2750e
                                        
GET /themes/pamar/img/carousel-bg-1.jpg HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/themes/pamar/css/style.css
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: image/jpeg
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:04 GMT
last-modified: Tue, 23 Aug 2022 18:23:34 GMT
accept-ranges: bytes
content-length: 113750
date: Fri, 16 Sep 2022 02:15:04 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1800x560, components 3\012- data
Size:   113750
Md5:    27febaa8ddda88aea4a7ea24b1de7ebb
Sha1:   31de76567f5ad644a21dce243243b0026c852a9c
Sha256: 5016c60014f6e573f58dfd25b9ff3d6293067a328e198bbecae21e05c3687f8f
                                        
GET /themes/pamar/images/favicons/android-icon-192x192.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 02:15:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /themes/pamar/images/favicons/favicon-16x16.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
172.106.0.110
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 02:15:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /bofA/login.php HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
172.106.0.110
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; path=/; secure userView=palmitos; expires=Sat, 17-Sep-2022 02:15:02 GMT; Max-Age=86400; path=/; secure
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 02:15:04 GMT
date: Fri, 16 Sep 2022 02:15:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
104.17.146.91
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 16 Sep 2022 02:15:06 GMT
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 187
server: cloudflare
cf-ray: 74b617ab2dcdb4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---