firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 02:10:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 95Hrn8UlBJFncMV8qdb10h3bnO7jG5GktVIbql6pyNr3ZgLaGcq8HQ==
Age: 260
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3578
Expires: Fri, 16 Sep 2022 03:14:41 GMT
Date: Fri, 16 Sep 2022 02:15:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k8KZ7e3TiQizT5khwCYsBhthXsV2DuBDpE2VCAU6FncW5vKpnlM6Eg==
age: 77988
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/bofA/login.php
172.106.0.110 301 Moved Permanently 707 B URL HTTP/1.1 palmitosicoaraci.com.br/bofA/login.php
IP 172.106.0.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /bofA/login.php HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 16 Sep 2022 02:15:01 GMT
server: LiteSpeed
location: https://palmitosicoaraci.com.br/bofA/login.php
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 02:15:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 02:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 02:07:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Dcg_fGhofo9h-P991TrRKcPjuFiTmWqb7GfOrEbstM7teoUE9F6LA==
Age: 702
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6441
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:04 GMT
Last-Modified: Fri, 16 Sep 2022 00:27:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0/css/all.min.css
104.17.24.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (56331)
Hash 504d3db17059beb7c9278d8519c94752
291ad53bb1ac4932600bfb4488c56bc55e4db9b1
53ada737b0df4fdeeb9859542a1f458196dec7829cd87b3c9b9d7b0c58ba0310
GET /ajax/libs/font-awesome/5.10.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 02:15:04 GMT
content-type: text/css; charset=utf-8
content-length: 9974
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-dcc5"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8740459
expires: Wed, 06 Sep 2023 02:15:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSwv%2BM5hXwIZz8HCHtNjRKh89jN%2BFoI%2F82qNwyCsBmk5tWDk9qAiY3TAIHhgOEw0yq%2BohZz7i8OVH%2BugK2JdKQj0jb%2BZIZ3kIVYy%2BfjimvDU59rmdZN%2BUiEQ6hZEW2mqxH2kNKdH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b6179cbf3eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css
151.101.85.229 200 OK 8.8 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css
IP 151.101.85.229:0
Hash 5813a944575a76776931431ffde6693f
865909634bd204fb4b0c654543fabe87209bdf26
9e3f7c85a1d0099f7f50b05e7e6934129fe6d108d783d34bd599812c53be4eac
GET /npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.4.1
x-jsd-version-type: version
etag: W/"f8b2-v7ZMVELJO4O8jF4rcNGwrm8YAaE"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Sep 2022 02:15:04 GMT
age: 2671658
x-served-by: cache-fra19128-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8844
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js
151.101.85.229 200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash daa80660d5766073c0be83d6419a3411
1995a34ba3db0fcf5b8bae8b2a1cdd8cbee57e9a
6863336e8f0c91e087d618fb05d13f05894e005447f740b70b084a1426466a32
GET /npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.0
x-jsd-version-type: version
etag: W/"13731-2JYXAt9UqpcPHzAIfI0LH2lnx4Q"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 16 Sep 2022 02:15:04 GMT
age: 6298969
x-served-by: cache-fra19167-FRA, cache-bma1655-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22435
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 4cc3f4f051bfbb67a8a78b20193c3dd7
0b45b1d884dea5bcd5911f39f815c65bc77ce768
60c52a4568094ee5919e5c8f3e4057b52e387f30b4e025dc5164eafdbc958a6a
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 02:15:04 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3147CAF229D512734A582BBDE18CD81BA4AE47E7"
Expires: Fri, 16 Sep 2022 13:00:00 GMT
Last-Modified: Fri, 16 Sep 2022 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2659
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b6179d0ecab4fd-OSL
code.jquery.com/jquery-3.4.1.min.js
69.16.175.10 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 02:15:04 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663294504.dop017.sk1.t,1663294504.cds247.sk1.hn,1663294504.cds201.sk1.c
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/_cdn/bootcss/reset.css
172.106.0.110 200 OK 3.0 kB URL HTTP/2 palmitosicoaraci.com.br/_cdn/bootcss/reset.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (331)
Hash f3f53c0d4582e0f26404c3d2a408a101
d389b2a45dd8a24e36a21c8aa74f61138e213751
66358a916a6a4d582580eed5de30019efcaa5a8530429907a23953cc66685102
GET /_cdn/bootcss/reset.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 19:20:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2977
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/_cdn/bootcss/fonticon.css
172.106.0.110 200 OK 3.6 kB URL HTTP/2 palmitosicoaraci.com.br/_cdn/bootcss/fonticon.css
IP 172.106.0.110:0
Hash 890bde976fe730a5072539f56195e20d
662dcbbfb48d3318cc493efa5f9a33b3b9c56400
b1fd5e950b7dd32537315f7c6e9af24d39e78548e8c586eef32aa76de226dc00
GET /_cdn/bootcss/fonticon.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Mon, 18 Sep 2017 09:35:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3634
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
palmitosicoaraci.com.br/themes/pamar/lib/animate/animate.min.css
172.106.0.110 200 OK 2.5 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/animate/animate.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (16755)
Hash 8749712e65b163c12306df7f1e7d1261
29347292299cd3a5d207e05c711c66fa20333b96
6042228bdd632754cb22416d37bdc8e8dc62df670899b01b9bd406e442d16441
GET /themes/pamar/lib/animate/animate.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2501
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.98.34 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.98.34:0
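Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of an empty body, matching the 0 B response; these values are not specific to this host)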
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X1Fe1N2hLWbLZaDnrfkHjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gKztQ40/XQ5ljIUbdHUdWXhYs3c=
palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css
172.106.0.110 200 OK 789 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (2846)
Hash f28411148e2c4159c779ed6cb9060a03
3e28a7725e7dec0a774b30f749ccc2f4664cc03b
5e569c50803725ebc0c486d05135852e56a7b8b320c9cf6cfe3b201965de0004
GET /themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 789
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css
172.106.0.110 200 OK 1.4 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (836)
Hash 29842a8c7914e5bcb26c39f8be405856
0ff1fe917ecc77f945f6b59b7a7e15b624b36c7b
a80610ce8e9bcb5f8ed5c86a13a5aa384f33943a56358fa4834bf79c1cb10f32
GET /themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1447
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/css/style.css
172.106.0.110 200 OK 1.6 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/css/style.css
IP 172.106.0.110:0
Hash 78ba9e845c33461ec91b5f0a33ebf32f
63450b4b3c5660a41ca2bf019b92e7017ab2e265
fe16038bb148d4211839fd72d70e96ed9a6148655124b95c51e1270041fd2e35
GET /themes/pamar/css/style.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 19:04:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1580
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/css/whatsapp.css
172.106.0.110 200 OK 1.1 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/css/whatsapp.css
IP 172.106.0.110:0
Hash 985b832ebc38c5e0a3bce4a48ff6695c
ad77e54ba86daa46558e7d3401b48df2d4a0c7b1
51377f27bc6f5c479622cc0dece586601ae7e27a9c4ba340831e9fac24b4c3bf
GET /themes/pamar/css/whatsapp.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 14:48:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1133
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/_cdn/workcontrol.js
172.106.0.110 200 OK 1.6 kB URL HTTP/2 palmitosicoaraci.com.br/_cdn/workcontrol.js
IP 172.106.0.110:0
Hash e30f7e4b419c12a9e1e75ae21ee90ca0
0a3ad129938333b08a896f144e57cf5629cd6f74
cf522c88c50a3d8bdce0fc755277998ebc5e40b8be4d6dfd78a4daa720e206d4
Analyzer Verdict Alert fortinet Phishing
GET /_cdn/workcontrol.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 22:30:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1641
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/scripts.js
172.106.0.110 200 OK 521 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/scripts.js
IP 172.106.0.110:0
File type ASCII text, with CRLF line terminators
Hash 68c689bae07c6c47593e382c35c12649
46b2254833bbd6d3e01c0ec7668648e107ba8420
586f229a461336e5a4281ef8e1abb082fa977ea90ce9d72aa3942d47dbd01c51
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/scripts.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 14:54:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 521
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js
172.106.0.110 200 OK 2.6 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (8099)
Hash 84bcd002724af2dd2e7cc6247fb84d17
d97b0313077c8a7d904c15342e314804915c099d
2206a94b5dd8138c89e5a30bad50115903e45978323bef0367eca08ac6843559
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/wow/wow.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2635
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js
172.106.0.110 200 OK 733 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (2301)
Hash ebc58a9cdf34a3fb595a609418b88be2
2c6972dc988c4541bd9c61519eaf7ae3f2da39b5
4065193c46b4f3b77d971b12330d77f1b48b5c29755bd814d8ad4cfb36f98356
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/easing/easing.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 733
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js
172.106.0.110 200 OK 2.6 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js
IP 172.106.0.110:0
File type Unicode text, UTF-8 text, with very long lines (8863)
Hash 9ac7d06d536f08f1b22abc2e4d53f85a
2f7809be662e8b60690e9c93bc57e46ae06e906c
ac26b8d1e1df8be26af42c290e9ecc4bd0afc655f88e6bec2f73e87bf6ca6474
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/waypoints/waypoints.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2592
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js
172.106.0.110 200 OK 908 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (2182)
Hash de4f314590475ff8b1ec91731b60b304
8d76335b9e0fafb98c18388d2e4e700d87b14550
cd9a483551940c95018c6910936cb4a62150ebf2527a4cc1afd24cbf91bdaa55
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/counterup/counterup.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 908
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/js/main.js
172.106.0.110 200 OK 779 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/js/main.js
IP 172.106.0.110:0
Hash 1f0033d5ff76c016dd85024a852c767f
2b71cb32c4c38675b3b8aa5973ffc3f111ddf4f3
8781b7452972dc5e78df6d316d823f05e678f991108021d1988febeb0d065653
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/js/main.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 779
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6866
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 02:15:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6866
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 02:15:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6866
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 02:15:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6866
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 02:15:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 512280055633fcce9abc7d11a9816a24
de5c3e010fca76659455a144875a52c25fa72bdd
435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aCCBUNe1NErAN4RiVGCdh-sBxSnMm-XfcFzE-h8IcCq6W1Om-UX45g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:46 GMT
age: 16159
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6572617127bde36c63aa1163e3352688
d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c
91fdabb99b1317407413b424f50ad025c0578a57d89a0f4c8228d91a36b8e6c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6820
x-amzn-requestid: 3aab395b-9355-4a3a-b033-73420df43ee5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUksFUxoAMFr4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239aea-5be8dbdf57158b0e37ee719f;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I8QSOY13buUN6y89zoSzcjZmV8EygMJUdiPiVouUi4a5LHBJ3AM3wQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:13 GMT
age: 16192
etag: "d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a0fd33a-4b33-42d9-808a-0df897fbec53.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a0fd33a-4b33-42d9-808a-0df897fbec53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 974f0e1d052879e47d9230adbd2935e4
d36b8ee08a7c5465ac2b0b0810f9dd4ff9dd6cb2
eb7d70fc9b159adbbaa96c0ee5d6032bb0839883b950b0d586a300dd1d8348bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a0fd33a-4b33-42d9-808a-0df897fbec53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12744
x-amzn-requestid: f5921831-e306-442b-a43f-e4cfc67980aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUj4GlEoAMFxbQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae5-7ae58b110d2dcfb507939612;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WqljQTgz7VGxcX0QOSRkIOBpbhWHvOkqrjJT0XVglVDL5at9IwO1cA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:20:13 GMT
etag: "d36b8ee08a7c5465ac2b0b0810f9dd4ff9dd6cb2"
content-type: image/jpeg
age: 14092
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e20b221-cd14-4696-aa45-979946430e9c.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e20b221-cd14-4696-aa45-979946430e9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ab434eb762838f03bf60457b3039c738
bcacfdb674bdd90c157f7e97d232c49a4d206004
9e1e6b832980c9777e3e90a7ff3d84f96d35bbaab808a74343d91cea01aa1d64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e20b221-cd14-4696-aa45-979946430e9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8076
x-amzn-requestid: e5521c18-64d3-4f61-8879-3dac61128920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfzqG_hIAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6321467d-009f1413346a7b965d1c65e4;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: B0EwuNcTqD3fO1ap-9g43JVkqrRnFwNuYWB6tPYScB36XkGdXq4pEg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:26:31 GMT
age: 20914
etag: "bcacfdb674bdd90c157f7e97d232c49a4d206004"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 252e27665094eccd2f18dfed46d4e871
2656d1e3e105c1929b18ebf9b00bd603f2f410a6
ccd05f3e869946687ec611ee0d6c5a118a99f73abb1957c556e346ed522d3088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10296
x-amzn-requestid: f3bb82cc-9d5d-4dea-8a22-26b35fe603e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbIRLHBUIAMF7hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632120d4-64832ad820f6aeaf7868495d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 00:31:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mtDiHNtey-YZnI8xoyrMF4vTWWO2DW9VWp1nAHuZFeHhsfGfm_poiA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:53:00 GMT
age: 15725
etag: "2656d1e3e105c1929b18ebf9b00bd603f2f410a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: b04ac3c4-b4d8-4094-8b7d-bd229bb7d577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb2GvFnEoAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63216a2a-4e5927ac3f1d0b215ce5a8dc;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 05:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1W0Ito5yNmHNxtYBj5jOJQ3Z2OP_Shvhpj94YUDwLHQKzt-zgqjI8A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 03:12:38 GMT
age: 82947
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/images/logo/logo.png
172.106.0.110 200 OK 52 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/logo/logo.png
IP 172.106.0.110:0
File type PNG image data, 681 x 235, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ff38b50be9c4081036a08240f084e10
b113bf3caef2b4e0aa8144e6bcfc0dba5da80151
d4dcef6d5f9143e1ede075805a239b57746dcd550744045fe61e23da4fb3c8d2
GET /themes/pamar/images/logo/logo.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 16:50:54 GMT
accept-ranges: bytes
content-length: 52535
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/images/logo/webmail.png
172.106.0.110 200 OK 17 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/logo/webmail.png
IP 172.106.0.110:0
File type PNG image data, 325 x 326, 8-bit/color RGBA, non-interlaced\012- data
Hash f9bceccef2e7602604af4b53565be874
03a7f99db2f0ba4f4eebaaf7daa38ac5621b3a0f
b4dce868297035a5af660a2ce794dcc52e30ef32d9c8f8b4c4e9187cc3a44f3d
GET /themes/pamar/images/logo/webmail.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 14:27:42 GMT
accept-ranges: bytes
content-length: 17109
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/css/bootstrap.min.css
172.106.0.110 200 OK 21 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/css/bootstrap.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (65326)
Hash 28440b0d7108ab149ba0758f9d8ee9fa
8a425e3cddf0a03336c8d9d9b4beba400f4e441f
c3d353bcb294f127bc81e8ccafe3d9277bc42ca6ae6f5178aeae6b2d3c723c55
GET /themes/pamar/css/bootstrap.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20716
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js
172.106.0.110 200 OK 11 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32000)
Hash 1b649a193df8c648d381cdda8dd268b4
f01dcdb5e3ede69da1d3e8556dcd993f0105b61d
dd2f2af9b8d391f704ec91ab6ef3e32ff56afacc88ba92b8a8834ca562de8bcb
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/owlcarousel/owl.carousel.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10649
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/_cdn/jquery.js
172.106.0.110 200 OK 32 kB URL HTTP/2 palmitosicoaraci.com.br/_cdn/jquery.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32046)
Hash 2f700400f1a3e5f1e01c4ec019de6c13
e278d2d4c8a748218a70c8d00658bead97ffa6bf
d54f279c3c1537c9cd32c63ea5f67a116ae28f06b36b15598a2e78a071db4667
Analyzer Verdict Alert fortinet Phishing
GET /_cdn/jquery.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:02 GMT
content-type: application/javascript
last-modified: Sun, 08 Oct 2017 04:53:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32371
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
142.250.74.163 200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:28:55 GMT
expires: Thu, 14 Sep 2023 19:28:55 GMT
cache-control: public, max-age=31536000
age: 110771
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
142.250.74.163 200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Hash 0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:29:11 GMT
expires: Thu, 14 Sep 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 110755
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
142.250.74.163 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Hash c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 22:36:56 GMT
expires: Wed, 13 Sep 2023 22:36:56 GMT
cache-control: public, max-age=31536000
age: 185890
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js
172.106.0.110 200 OK 64 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7aab21750c3674e928da71c89b8cabb8
92f2139c3717d4cfd19a8186187d5829174ab58c
71384b81fe6bf962fedb07e3fd60d8538996c34b455a7e918a766739da8de73d
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/tempusdominus/js/moment.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 63743
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FbofA%2Flogin.php
104.17.146.91 200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FbofA%2Flogin.php
IP 104.17.146.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FbofA%2Flogin.php HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 02:15:07 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_799654661=4eff58db-9389-444c-bdc9-fd9a8ba9454f; expires=Sun, 16-Oct-2022 02:15:07 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 51
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74b617ac7e58b4fd-OSL
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js
172.106.0.110 200 OK 9.1 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32832), with no line terminators
Hash e78d6807d18576999c3f473824a1537b
c47130cc69b3c51ca0c2334257a3644fb70d78ee
3465ac1cc58e51a4fee9856859cc741f320ddac3f7227725c76f4f3e9c3fd5cb
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/tempusdominus/js/moment-timezone.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9061
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js
172.106.0.110 200 OK 12 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32032)
Hash f5a4db83231fb90dd2430138551be975
839474798fd1ea078dcf0d9810411285b460ac99
b6d7cd25bd81e578b99ec4d6777a08040aeb5d7f2da90bcc654b70d73214f143
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:03 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11542
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:07 GMT
Last-Modified: Fri, 16 Sep 2022 00:38:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 15fc46956823bf4d1e1dc82f3e8f4083
bbc3833dc052c397f66cbbc1242d7181975872ee
0bac7ca106d0da8888f7445af2e912a159312d9bc3fb081491163801e37967bd
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6943113aca490a8a239e9d1d08a4c51c
etag: "dd1f9f751b86a5230b92a45a88f1fe1f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 16 Sep 2022 02:33:55 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: FfxGlWgjv00eHcgvPo9Agw==
x-fb-debug: QcJO1hhh4D9ldaUdJx16tUIf+G3jxqYjRUvD+bGGXutCMzbA442mDxwoDw5KgiFNPwsTzx+jYhWGsPhOR5WTEg==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Fri, 16 Sep 2022 02:15:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 02:15:07 GMT
Last-Modified: Fri, 16 Sep 2022 00:38:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js?hash=be2dd3a28e4d2731d0849c04e860e2ba
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js?hash=be2dd3a28e4d2731d0849c04e860e2ba
IP 31.13.72.12:0
File type ASCII text, with very long lines (13264)
Hash 6866f45fb548b1e874e521c0ba9daf6c
c317bcbe293add45b67bb94356683f17baf9b840
57ae296e8cffaeb29e70e9a5433f398d490eac7ed464497920ec1a2dd4f2750e
GET /pt_BR/sdk.js?hash=be2dd3a28e4d2731d0849c04e860e2ba HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9259b569d669a410ebb1d8db31fe637e
etag: "a0051f4213cb896d367df6b7d028f46b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 16 Sep 2023 02:03:14 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: aGb0X7VIseh05SHAup2vbA==
x-fb-debug: MvfhrnNX6XbTQ/szzu5m5vUbjrApBm7FqshKC3KJfsdDaEWEg2QmVm1s3CLUbDghGjrkz99DlhAioWO0Bwj/xQ==
content-length: 87229
x-fb-trip-id: 1904183273
date: Fri, 16 Sep 2022 02:15:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/img/carousel-bg-1.jpg
172.106.0.110 200 OK 114 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/img/carousel-bg-1.jpg
IP 172.106.0.110:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1800x560, components 3\012- data
Size 114 kB (113750 bytes)
Hash 27febaa8ddda88aea4a7ea24b1de7ebb
31de76567f5ad644a21dce243243b0026c852a9c
5016c60014f6e573f58dfd25b9ff3d6293067a328e198bbecae21e05c3687f8f
GET /themes/pamar/img/carousel-bg-1.jpg HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/themes/pamar/css/style.css
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 02:15:04 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 18:23:34 GMT
accept-ranges: bytes
content-length: 113750
date: Fri, 16 Sep 2022 02:15:04 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/images/favicons/android-icon-192x192.png
172.106.0.110 200 OK 0 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/favicons/android-icon-192x192.png
IP 172.106.0.110:0
GET /themes/pamar/images/favicons/android-icon-192x192.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 02:15:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/images/favicons/favicon-16x16.png
172.106.0.110 200 OK 0 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/favicons/favicon-16x16.png
IP 172.106.0.110:0
GET /themes/pamar/images/favicons/favicon-16x16.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/bofA/login.php
Cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 02:15:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/bofA/login.php
172.106.0.110 200 OK 0 B URL HTTP/2 palmitosicoaraci.com.br/bofA/login.php
IP 172.106.0.110:0
Analyzer Verdict Alert fortinet Phishing
GET /bofA/login.php HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=24c4741f4b8174254e0e2b6c54bfdba5; path=/; secure
set-cookie: userView=palmitos; expires=Sat, 17-Sep-2022 02:15:02 GMT; Max-Age=86400; path=/; secure
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 02:15:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap
216.58.211.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap
IP 216.58.211.10:0
GET /css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 02:15:04 GMT
date: Fri, 16 Sep 2022 02:15:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.146.91 200 OK 0 B URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.146.91:0
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 02:15:06 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 187
server: cloudflare
cf-ray: 74b617ab2dcdb4fd-OSL
X-Firefox-Spdy: h2