firefox.settings.services.mozilla.com/v1/
54.230.111.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ABbijVqlYAvwFJrutCOcxw0pjmI6DjySS1X3-e7qYMewFTXxlE342g==
Age: 98868
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3596
Expires: Thu, 06 Oct 2022 20:15:02 GMT
Date: Thu, 06 Oct 2022 19:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4018
Expires: Thu, 06 Oct 2022 20:22:04 GMT
Date: Thu, 06 Oct 2022 19:15:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qW+tRNZkvJ4YNzkKJf9e7KaRu37G1mvCKxhWIrBfG8vvE/UdNY5ld25F75ReUMzmWEWa2XQq+hc=
x-amz-request-id: SMYMYXR62ZHES6GS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 18:58:51 GMT
age: 975
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 19:15:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
hbcsaude.com.br/
162.240.18.185 301 Moved Permanently 232 B IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4569750a0ea87b01c55144731084f7a2
0b31b9410023417ebf71e338eceed00ecfff487a
64003fdd1a16dbb093e5869c6794fcdf9a4eece18eba791bfe4bc4368fd72e17
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 19:15:06 GMT
Server: Apache
Location: https://hbcsaude.com.br/
Content-Length: 232
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 18:29:41 GMT
Expires: Thu, 06 Oct 2022 19:07:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U9kFq2xe53Zrfs_vAr4trbhhzHMCcsEb4LXKjl4F_hG0ZcFlKYN8Fw==
Age: 2726
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6580
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:07 GMT
Last-Modified: Thu, 06 Oct 2022 17:25:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
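Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the 101 response has a 0 B body, so these three values identify no content)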
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3OvMYABKd710qoNch+AvuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y7WoY7pnrtkTd6X3KPUsFRpDnls=
hbcsaude.com.br/
162.240.18.185 200 OK 23 kB IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4892), with CRLF, LF line terminators
Hash 6648b5e11422a30d3124ee1999ad26e5
dd2ae0955d6f52f78d864ac8922fcfd859440e1b
d7cfb254698a348ba4a50a1336152dfc6cda00e4a1f0086d84ed09d87de06b1f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:07 GMT
Server: Apache
X-Pingback: https://hbcsaude.com.br/xmlrpc.php
Link: <https://hbcsaude.com.br/wp-json/>; rel="https://api.w.org/", <https://hbcsaude.com.br/>; rel=shortlink
Set-Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx; expires=Sat, 08-Oct-2022 19:15:07 GMT; Max-Age=172800; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 23025
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.w3schools.com/w3css/4/w3.css
192.229.133.221 200 OK 5.3 kB URL HTTP/2 www.w3schools.com/w3css/4/w3.css
IP 192.229.133.221:0
File type Unicode text, UTF-8 (with BOM) text
Hash cfa5fd76f66a5f917b87ddd80b75b3fa
c0d7265855205d77acc0f1154172070a8680ab19
38ae41c45eedd4f190a8ddbda2a2dc69e2a4d75a6ff8cb0bb35d4a521724ee98
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 10749
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Thu, 06 Oct 2022 19:15:08 GMT
etag: "0207fb781d9d81:0"
last-modified: Thu, 06 Oct 2022 12:46:56 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5250
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/css/shortcodes.css?ver=5.3.13
162.240.18.185 200 OK 12 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/css/shortcodes.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash ab856bb1de4cc0684553a2823efe812b
3e747af46187a5c9759630bd8669888becd13892
b18a0269d02445e82d71b7993b6e395d354b6265f0143ba7e1a624c03138f842
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/themeone-shortcodes/shortcodes/css/shortcodes.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 02:17:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12546
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
162.240.18.185 200 OK 649 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 76aba5da6a0d822d5b7ed296888c8758
9bd4319bc86fb62d04a7593569084a978fed2793
220aff2fb7a928001bdc0e30d89b683c92c5f41f259759ca04c198a678eab56e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:17:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 649
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
162.240.18.185 200 OK 6.1 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (41045), with no line terminators
Hash e249e51bc3661ceb614f1ad31574c939
ca981ab391193e11e93775f3c25abc452b0e3908
950b57fc13a5c515fffe9c67a69da06e9e833430253210d0cd9fe4aff93d667f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2020 01:28:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6132
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/css/pixelicons.css?ver=5.3.13
162.240.18.185 200 OK 3.8 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/css/pixelicons.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1812), with CRLF line terminators
Hash ff1feae70f25394cf758d536894128d7
6ef720f3a54d6ca2dd70b398f5217a4fba28ccf8
99f28b535f61675f3fa258499612e7f8490a67ee64592e55a330ebc21274aeef
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/themeone-shortcodes/shortcodes/css/pixelicons.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 02:17:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3802
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/css/prettyPhoto.css?ver=5.3.13
162.240.18.185 200 OK 2.8 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/css/prettyPhoto.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (402)
Hash 4f21ec76906e28e1c2194ea84546ed6b
85eacc0202364a6682bd58ee3f6680efc1420c7f
86534570cd150f56233dd6fb56369c299e76d93a751dc233c66d35d512a37179
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/awesome-wp-image-gallery/css/prettyPhoto.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Fri, 24 Nov 2017 16:58:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2769
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/css/image-gallery.css?ver=5.3.13
162.240.18.185 200 OK 253 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/css/image-gallery.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 0c7e172f276420ddb07e110f972815e0
777fa4a5bbb01d16ff89edaa028c054ae31c477e
cd497c9d6133926ec59782b2d92513c4f2e58f7cffec24a4db2c8401ab86ca7c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/awesome-wp-image-gallery/css/image-gallery.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Fri, 24 Nov 2017 16:58:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 253
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.2
162.240.18.185 200 OK 953 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.2
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c503abd9f9fe09d22b59cb1fb0a292a8
a75f1bde1d2da3a4696a8e027eeaae4e96d21fec
56ea4b514650d10a9c4756a2eb1e4d292d138725164eec8c8ef004ceda2fece7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.2 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 953
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.2
162.240.18.185 200 OK 4.4 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.2
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 6ccc50d8058f37c03eea10782430638c
f9aced9bc0c8286be877fc48a10ae37fdcc2269c
534cd08c1ea0eaeebe1ba35b004f2a17d329a1d20c0b398785c4714458834b15
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.2 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4395
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
162.240.18.185 200 OK 890 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 77844a96d72d03c84c5e6970c1fe631b
5f02982c93cf4bf4f70d77ea6dfe04d2efcd9b81
0b5162518ddfdb56914db022a95c1a5eca3271ae2f062cfaa939cc5b7094d63c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 890
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
162.240.18.185 200 OK 2.1 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7609)
Hash b7c2fd201680d0fdae258d6e7c0b0e16
d6b0c3c069b8c33115b8e33c5ce1eff64ef33139
3457dbccf9f39fb5588b077fbe22d0059bdb686e7298ff7b3c4b8154fe550580
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2081
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
162.240.18.185 200 OK 4.0 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (42839), with no line terminators
Hash e7d460fe41c87ad9e87c0695426d2f92
f16685ccaa6474b82a282f394ef673b27f07fcc9
b92e0e744425caad084ada130f27b25b00c07eecbca8de743686ab33d3cf100f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3984
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.7.6
162.240.18.185 200 OK 7.3 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.7.6
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45857), with no line terminators
Hash 5b7f76b9021caeed57532323bd9ac803
9102ac2f9cc75ac35c7f05f2f086615d99183502
a9e164289a6bcc2f3ec0917b351510c460a1b0de40d02f51563c110c7dbd9c3f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.7.6 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7260
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/css/linecons.css?ver=5.3.13
162.240.18.185 200 OK 56 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/css/linecons.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65416), with CRLF line terminators
Hash 672db525535954b3caa51bd531148cd8
a191f9da9c2d663c69c0574a5ce5769969e6c3af
52a1789a336e6a793ea82e34de0287e532fe65660a002cc5069d08e94f60d35f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/themeone-shortcodes/shortcodes/css/linecons.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:08 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 02:17:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 56012
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/timetable/style/superfish.css?ver=5.3.13
162.240.18.185 200 OK 1.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/timetable/style/superfish.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a1156bbec0f95460394afd5729ce3ab0
02b192dd971385bc8e4b22b85ecab8ec7469b6ab
08dece3727a82a7e8404ddb0cb686243db42f17ecf71b333277cc3729b9e7255
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/timetable/style/superfish.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:25:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1160
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/timetable/style/style.css?ver=5.3.13
162.240.18.185 200 OK 2.5 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/timetable/style/style.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text
Hash 8ee762e3b3d8299f2fc5ab2ba02c3876
be88e8119f4c578c10a1bae43fd4e61a42e036fe
038672c6333868f710dda85fccd6cc53bb102530ec28c09261a44c3afad828a2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/timetable/style/style.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:25:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2450
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/timetable/style/event_template.css?ver=5.3.13
162.240.18.185 200 OK 1.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/timetable/style/event_template.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 64a394a7265288281292b5258413f03b
668035621a970eb1ff2ab78ce7fba376f4d40271
dd7ec17d4696dd36d5c646ae4ceb345530307c0e33199fc9e180e1612f071f6c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/timetable/style/event_template.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:25:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1588
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/timetable/style/responsive.css?ver=5.3.13
162.240.18.185 200 OK 1.1 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/timetable/style/responsive.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d534fb8ac80db9878d2afd89e4edd3c0
0459c3ba30f1e41e2f94c9c7ddf0ea20b2f1fecf
02b44694085142bc110581cb9f04788801768afbdd6d1c3c5b275668076e1944
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/timetable/style/responsive.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:25:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1123
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style.css?ver=5.3.13
162.240.18.185 200 OK 307 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1020), with no line terminators
Hash 2de46532fda413fac62ce96cd3a465cb
3b6367bdf6b722106c0663b0ccb5c6d53b3199d4
c5a09b8a5c8e35ccfc16f220f731e364f45008a96994c00f32e68576935c0524
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 20:40:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 307
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style_safe.css?ver=5.3.13
162.240.18.185 200 OK 427 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style_safe.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2988), with no line terminators
Hash c5e890a8ab89a30447bf164eb94b2e62
f04cd8774c37e7e2f085e3e19b0e664d7b423fda
86662124403fcdb08e831fd334c156a3775fb82e8122a433ea4cc716ff980c1d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_style_safe.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 20:40:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 427
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_adminbarstyle.css?ver=5.3.13
162.240.18.185 200 OK 92 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/wp-file-upload/css/wordpress_file_upload_adminbarstyle.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 5cb0f5038b643528a681b20178921ce0
b40b77eb4eb72e3b00fee493d406f984480d0199
1f16fd9fb42392922c2af8bec71a6b302d32d179b0bfdc20eab8f71e073cb1ec
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wp-file-upload/css/wordpress_file_upload_adminbarstyle.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 20:40:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 92
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui.min.css?ver=5.3.13
162.240.18.185 200 OK 7.9 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui.min.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (29137), with CRLF line terminators
Hash b53b98699cbf0eb738426482c4398c90
9f77ad7742617f2c81effbf000f1a331c4e050f9
fa829b71142dc44e5ed29bf9f9265ec0dfb60f0c128480b71898954ca38804d4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui.min.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 20:40:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7901
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=5.3.13
162.240.18.185 200 OK 573 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1746), with CRLF line terminators
Hash db41739276ee4767bcb8fe99d02983ed
a3a2740a14eeffbc11d2bfe44afffc42a702533e
fb0a86ad52cfe9e17faf3caee8075d035ef331da9eee7defb23fc426bfb12e57
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 20:40:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 573
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-includes/css/dashicons.min.css?ver=5.3.13
162.240.18.185 200 OK 28 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/css/dashicons.min.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47529)
Hash a90a88620f0674bd9f3513bc08163837
51fbb6809692541a3b2022048f0f509ff26d1b6b
87389a63f1fa87832527f41bc873850d689b9c1da632b18315483100f654ed68
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28487
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.12.1
162.240.18.185 200 OK 44 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.12.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8642ba13aa690384cbbe0b22790def1b
fcc63ec24d9c15e56a19921d7aa7776498b31a2c
c0d0b8ca26f8a0f9a99c893223cb87ffbea59ba0b3af9212bc66593e341e8792
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=4.12.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:20:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 43844
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12.1
162.240.18.185 200 OK 6.7 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28824)
Hash 493398c5b021c6f1679b5faa7c9d33ae
1bd77a073f3d85adcf06856da80009a1cc4a11d3
31f324dd068c29c50c9af1334d7f461686d51c12435895e5e87e83d387917fb9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:20:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6684
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/themes/mobius/css/icomoon.css?ver=5.3.13
162.240.18.185 200 OK 551 B URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/css/icomoon.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash dff69797ef206ced388116426ced87dd
c3c394789d3a0b686a09168800574bcce04da88d
004981cd430c4829b55e71ba77f1c5d9fa72aa575eeed7963dab38479f1c2276
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/css/icomoon.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 551
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 19:15:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 76709
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 19:15:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
age: 77825
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:56:07 GMT
age: 55142
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 77908
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 53246
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a1a279f8386262762dcf70621e06ed5
0e1d6cefe5ffe1994f26322962df8b0a13743339
a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 76942
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C600%7CAdvent+Pro%3A600%2C400&subset=latin&ver=1635816155
142.250.74.10 200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C600%7CAdvent+Pro%3A600%2C400&subset=latin&ver=1635816155
IP 142.250.74.10:0
Hash 61c73f4859008a8c8c1670f67725938e
250154407e9ce09e8fad1208e06b034fba069e9e
138ff8247ece53a717dcf4fe9be788ef5332fd115643a3a5b1739a0253c97390
GET /css?family=Open+Sans%3A400%2C700%2C600%7CAdvent+Pro%3A600%2C400&subset=latin&ver=1635816155 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 19:15:08 GMT
date: Thu, 06 Oct 2022 19:15:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/themes/mobius/css/steadysets.css?ver=5.3.13
162.240.18.185 200 OK 1.4 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/css/steadysets.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7358), with no line terminators
Hash bc7db97fa832fe05ef6eaaa8503dec65
c0903f6a83bf62f5203b3ab13f9eaa715535179d
9a56dd519c3bcef6bf94150be10135c30754069a20ed5a93384b0de1374caf02
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/css/steadysets.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1370
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 19:15:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 19:15:09 GMT
Connection: keep-alive
hbcsaude.com.br/wp-content/themes/mobius/css/mediaelementplayer.css?ver=5.3.13
162.240.18.185 200 OK 1.8 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/css/mediaelementplayer.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1a4e1893aa17ee6ac90467489e9acbb3
31d0441c03763b6fb109a472c2a1c2bd28032d28
7a781bf58773cdc540d27c3ab624279a1a36c8f93b032ffb8b30d00b2cb6920b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/css/mediaelementplayer.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1792
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/themes/mobius/includes/mobius-grid/mobius-grid.css?ver=5.3.13
162.240.18.185 200 OK 6.5 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/includes/mobius-grid/mobius-grid.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 3310b2f42a2b8ab466f425f40684a4f8
a7a9f9a17573977d64def83c35366ed9148d2b07
5c1d16cc27be7af8189ada206a6781066ea04175547b422c6ae5b8c0f5228dd3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/includes/mobius-grid/mobius-grid.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Fri, 18 May 2018 06:25:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6521
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/themes/mobius/style.css?ver=5.3.13
162.240.18.185 200 OK 21 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/style.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF, CR line terminators
Hash 0db392e2f3ab0fb2717791ebcf8a632d
3c2fd23af793456d77ef286113ae7c09358132de
62628f9c6bf37e62332046ffe9f689a9bf29fe214ff6bdde7dbeb6672870db2c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/style.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 12 Nov 2018 15:10:25 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21210
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
162.240.18.185 200 OK 2.7 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5871), with no line terminators
Hash ca013ee2b16a18142247bfe45d963a47
1905128a86f03622279c24470658540f54e39fdb
30df8af172f457d5468b1a2c19f4f25443c6ebc254299a58deb19f197a1cf5cb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.10 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:18:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2732
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/themes/mobius/includes/post-like/post-like.css?ver=5.3.13
162.240.18.185 200 OK 524 B URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/includes/post-like/post-like.css?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 4558804fb1dc32c7f10f6c0a9f0749b5
eb57952f4fe815305e9dc3cc231bf429d1840938
48438465b94dbf23e059ebba61f991fbd5f889d8de6b749c271d996c51c0d9a6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/includes/post-like/post-like.css?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 524
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
162.240.18.185 200 OK 34 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Fri, 17 May 2019 04:25:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33776
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
162.240.18.185 200 OK 4.0 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/js/jquery.prettyPhoto.js?ver=5.3.13
162.240.18.185 200 OK 5.9 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/js/jquery.prettyPhoto.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21223)
Hash 36a63e6de17d5c8017f6c8f097476873
1852cf0981812ae8956b13cae078dafe9b98237e
caa878fea8b22fe29f474148a377117a1e82abb647b7426ee53a345a2f831ee3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/awesome-wp-image-gallery/js/jquery.prettyPhoto.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Fri, 24 Nov 2017 16:58:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5940
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/js/pretiphoto.js?ver=5.3.13
162.240.18.185 200 OK 97 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/awesome-wp-image-gallery/js/pretiphoto.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash bb2d2b610fa520b92ce5e5febd010a24
d6aa0a316830228e9155c4a858b830b677d56774
991b3f60ccff1da51599e7db87017d4702fb788de9510c23a4be9d53926cebe1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/awesome-wp-image-gallery/js/pretiphoto.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Fri, 24 Nov 2017 16:58:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 97
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.2
162.240.18.185 200 OK 7.5 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.2
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 99b4ce14b33b03419e3809847af3fda7
aa0f15bb8b70726fd61c06e61faab08a6c758929
7994c287f4a7d3dfaa71f5eafdec1bd8341955b53b1ae2489772ac36e5f6a825
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.2 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7526
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
162.240.18.185 200 OK 7.9 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1518)
Hash af7b8363167c766fc5c415c5831609de
2fe2c8d1f1c7e256c3b9cd97b50098c60bd50d3e
1371f4af47e8ab2d5de2d86f16942e0d89acd924c9065c823c6e22295d384b8d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7883
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
162.240.18.185 200 OK 9.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (25075)
Hash 0bfe7b8b35f14ed782c6cc66ff0e59e4
8ea52ad5ea35d338ab6cf085e11daf8caf6c3d17
3ee8c1b963cd1bec48cc7158d94b786bace54840e90bd6c5560fc16c97e11a58
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9160
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
162.240.18.185 200 OK 13 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32001)
Hash e24f931251f056652e0b8ba2a0d3e6ee
161dc1e62ac932d0072b3f31e1c7374fc7798864
b550aebced99bdaf156b11639171d479c1e705df85e33cea2e958a3465b44350
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12940
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hbcsaude.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 48739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
162.240.18.185 200 OK 2.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5661)
Hash 3db40b3f7c407d30d76f440e241f5ad5
f9af12bf4d63638552de17e006c6e2b67fb5fa97
6deec47a77d780ae266a29dfcdcb0caec7f130886c6cf9789a956e868f8a0dc4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2171
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.7.6
162.240.18.185 200 OK 4.5 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.7.6
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0943a0de5840e9168a804e914a5a09f6
ec0adbe60f690ff1138aca466c7ad2f50789033c
cac0563d56df8fe2f8d1fe93013d95fd8de6a7e70ef373d26ca6394a77ba1d5a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.7.6 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4528
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
162.240.18.185 200 OK 1.8 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3704)
Hash 8681c8c59fe450daeacc2f499e351dfe
1bedefb4c8fa62628816eaeea85677d637a6e4e0
d2160a6f66510d16512fd1fd387aee7d3763f0b4799273125faa777128dc5430
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1811
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/wp-file-upload/js/wordpress_file_upload_functions.js?ver=5.3.13
162.240.18.185 200 OK 14 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/wp-file-upload/js/wordpress_file_upload_functions.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (571)
Hash 1fce2fa86a415f596626f6ea091d2771
09d73c24b3bf677fdf2ae2ae78e3ae65fb6b873c
a8ed8eb860a46ab74fda5b581a8224c870b9a2a692e82976a79c0077dae82079
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wp-file-upload/js/wordpress_file_upload_functions.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 20:40:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 13908
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
162.240.18.185 200 OK 11 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (35947)
Hash 332953c3e5405e332cc838d10252ced1
c4e59576143d3291b4ddf617c123f149d129f0a0
3bbd6c2af89139cebc63770892c34906c701f8c6ee1ba7980f129c3f43aa8ce1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10780
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=5.3.13
162.240.18.185 200 OK 11 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32048), with CRLF line terminators
Hash f6f083ff1a14530a6c001c552bafc475
54b92482d0f1e66e6f4aa256c8c50d53a23cc56c
b662e688db2be834b41770c5ad917065f65048daed07de24804a9462be87d66f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wp-file-upload/vendor/jquery/jquery-ui-timepicker-addon.min.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 01 Aug 2022 20:40:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10926
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/modernizr.js?ver=2.7.1
162.240.18.185 200 OK 4.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/modernizr.js?ver=2.7.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document, ASCII text, with very long lines (9247), with CRLF line terminators
Hash 466f050df32f03210d5e903b9ad68fc1
5dbb450fdc0a8b8126b5a9811b4f71f52409cffb
110d2261a3916b786142e4c0f2c5c6bef094b7613f9d14cd9616d7160291deb5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/js/modernizr.js?ver=2.7.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4178
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.7.6
162.240.18.185 200 OK 34 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.7.6
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash dcd9dcf17421a7d3a46439769a4798ac
799bd5aacd5bdcfb2d08aeeabe23df7ab7c0a5a1
11f058597cd6d623c203445223e43e26dbb1c3480ad47bbe29bee5806605e181
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.7.6 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:09 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:52:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 34288
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/owl.carousel.css?ver=2.2.1.1
162.240.18.185 200 OK 1.5 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/owl.carousel.css?ver=2.2.1.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d8a8a661c9fdcf83c1eda7c40ea933c1
73cf026e6704db8fa2d2b0536e2b40f620f952f3
09c650dd876b5ff5fa666e92f65fb473c124cc66abe68834cfc22a4c57e1da9e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/owl.carousel.css?ver=2.2.1.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1501
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/sa-owl-theme.css?ver=2.0
162.240.18.185 200 OK 2.3 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/sa-owl-theme.css?ver=2.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 3195c29b43ca12a3e6d3f4d92aed9c1e
c559662da6404940919b9431e4d4d8da3730c8d5
0bddfd975641da3019dba7cf6a928f70a988500c9152311841231e5eb9041671
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/sa-owl-theme.css?ver=2.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2324
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/animate.min.css?ver=2.0
162.240.18.185 200 OK 4.0 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/animate.min.css?ver=2.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (55728), with CRLF, CR line terminators
Hash bfb510cdc7e8aa51d99af8de6a78447c
04893453fb4327a74f61c970aca67faebd5e2c7e
710ee739d298bf26168626c24ea059180ccad7df28eac7a79944566914dabfaf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/animate.min.css?ver=2.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3984
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/css/lightgallery.css?ver=2.5.0
162.240.18.185 200 OK 2.9 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/css/lightgallery.css?ver=2.5.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 0f64552fa61962245a0b757fb2075e4d
5fc30145507e86423307d9b2dbd9e546c7062734
7ff4cc6b6b863ba18cb8f9ce00c99ef8dd1a8f2719f3418c28d1d9ed9c367995
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/css/lightgallery.css?ver=2.5.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2931
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/css/lightgallery-bundle.min.css?ver=2.5.0
162.240.18.185 200 OK 5.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/css/lightgallery-bundle.min.css?ver=2.5.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (29527), with no line terminators
Hash 1ced39653ab97c113042f90839d50690
1258b8614fc2cc5079c98e7aeda89ec4700df80d
233315b7e7b2da034920644506523d39184aad360c31885f0ea0af2bdcac3001
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/css/lightgallery-bundle.min.css?ver=2.5.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5229
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/js_composer/assets/css/lib/vc-open-iconic/vc_openiconic.min.css?ver=4.12.1
162.240.18.185 200 OK 1.4 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/js_composer/assets/css/lib/vc-open-iconic/vc_openiconic.min.css?ver=4.12.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6483), with no line terminators
Hash f00ab073c760d2b94ab134bf3f08b801
73dd44cc179e51bfd70af60bcd7baa103611d081
0949d757d4cf64a7ef177355cf94c39d33afd034dfeffa281a9fa06f70db1b39
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/lib/vc-open-iconic/vc_openiconic.min.css?ver=4.12.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:20:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1373
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/adventpro/v18/V8mAoQfxVT4Dvddr_yOwhTqtKA.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/adventpro/v18/V8mAoQfxVT4Dvddr_yOwhTqtKA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15884, version 1.0\012- data
Hash 73f61f92b42d79d54cae586e759114b9
6f3e856e5c820affd0dfe729f27bb4767e1a09bc
466a53d5e0126d5f20daf160381a6e638d161d7761e19e1c80052a420f469d6c
GET /s/adventpro/v18/V8mAoQfxVT4Dvddr_yOwhTqtKA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hbcsaude.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 11:29:31 GMT
expires: Thu, 05 Oct 2023 11:29:31 GMT
cache-control: public, max-age=31536000
age: 114339
last-modified: Tue, 19 Apr 2022 19:49:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/adventpro/v18/V8mDoQfxVT4Dvddr_yOwjeWJPbF4Cw.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/adventpro/v18/V8mDoQfxVT4Dvddr_yOwjeWJPbF4Cw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16916, version 1.0\012- data
Hash 82f06293ddba365ab5d6742e043e7acf
7d3c598246927b7bc7084564c89211425043c0c3
3782e2d90109515df4f0a45b1e0682978b7acd62e776ad5e5fb2ee8297dcc89f
GET /s/adventpro/v18/V8mDoQfxVT4Dvddr_yOwjeWJPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hbcsaude.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16916
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 13:19:07 GMT
expires: Thu, 05 Oct 2023 13:19:07 GMT
cache-control: public, max-age=31536000
age: 107763
last-modified: Tue, 19 Apr 2022 19:36:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.0.2
162.240.18.185 200 OK 1.7 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.0.2
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (401)
Hash 8d9b2928b6874e8da430585524784319
e3d99309ac812763f77759e258840f348357b607
adfab777821109a22e899673a3688fa30f9cfd2f8bc18aad62bd9fddb5c93a02
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.0.2 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1731
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/css
hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/js/easypiechart.js?ver=2.1.3
162.240.18.185 200 OK 1.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/js/easypiechart.js?ver=2.1.3
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3299), with CRLF line terminators
Hash 1b2cc2963eb466121e84e07f2478c5b6
c15c8d84ac8e087a09750f91e7b95d60463afbec
8d8e2b96fcc02e966f19adf5a03a5bc3999d84be7fb7944595958a2a5043e11c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/themeone-shortcodes/shortcodes/js/easypiechart.js?ver=2.1.3 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 02:17:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1627
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/js/jquery.appear.js?ver=1.0
162.240.18.185 200 OK 1.4 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/js/jquery.appear.js?ver=1.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 532bd82d047961b6b288eec0bc2cfa4c
41e7df948ec555537e2a7a8a1419b5fd9daf5beb
7dff26317bef1541be1ac4c5baec3d6e81acaccca3844cc7df8bd3f1a99455e2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/themeone-shortcodes/shortcodes/js/jquery.appear.js?ver=1.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 02:17:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1362
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/js/themeone-shortcodes.js?ver=1.0
162.240.18.185 200 OK 9.1 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/themeone-shortcodes/shortcodes/js/themeone-shortcodes.js?ver=1.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 8335de6889fe70e0b84b5bfe9fac34aa
c900206e1361fb23dd981a83208bd5c68884da49
c05810ae51d217fb11b6789447d7dc0a732e796a76fa1f4acfd84321e9380bf4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/themeone-shortcodes/shortcodes/js/themeone-shortcodes.js?ver=1.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 21 Sep 2017 02:17:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9110
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/includes/post-like/post-like.js?ver=1.0
162.240.18.185 200 OK 528 B URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/includes/post-like/post-like.js?ver=1.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 475dfc465e6e1cea39f840b8a4ddd82a
a7d84fd844c2d7892d8c1146c5675f65cfa0891f
e7392b94a8aa8c8f9ddf0973c597518f2449e7c9ab2fe182a6a1de854ab5d24e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/includes/post-like/post-like.js?ver=1.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 528
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
162.240.18.185 200 OK 4.0 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 179ff7e7ba061cb009f29849fc15f071
f824ebc474c27b208137b68aa51d5d0d2b3a89e9
b889c73e9da05e33847d3ab6f1f98c172204c3e4cb2e4832863695f34e2270de
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 27 Feb 2020 15:17:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3993
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.youtube.com/s/player/55fdc514/www-player.css
142.250.74.14 200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/55fdc514/www-player.css
IP 142.250.74.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ce9b3268e83e864464ee0b1c1bcbd395
aec0d122b7a1674fd2c903e350d7c1e345bdda9a
eccc42a16e7cb2c976a2f247265ef435954d636410182b6e8d6443457252d0e6
GET /s/player/55fdc514/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/ZhZq4vPVxUA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 50095
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:56:36 GMT
expires: Thu, 05 Oct 2023 14:56:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/css
age: 101914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
142.250.74.14 200 OK 97 kB URL HTTP/2 www.youtube.com/s/player/55fdc514/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (572)
Hash 25913148e87059714551dcf4917e9cda
77186ee8b563a941961829ca4df183e6c0b63660
2c1f6b675637c3df7fce30c177b7a16047d026aca38b4f2e562b8328d775acf0
GET /s/player/55fdc514/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/ZhZq4vPVxUA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:56:36 GMT
expires: Thu, 05 Oct 2023 14:56:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/javascript
age: 101914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/55fdc514/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.14 200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/55fdc514/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.14:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/55fdc514/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/ZhZq4vPVxUA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:56:36 GMT
expires: Thu, 05 Oct 2023 14:56:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/javascript
age: 101914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.12.1
162.240.18.185 200 OK 5.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.12.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19095), with no line terminators
Hash f3f34288e89a6c8d684c027ebf689426
392248789363f33d21d5239d645b17ad77938f17
d8711f4e60808c312bacc85811debc24b5fbdc522bdd808ca442c9fa0cb64b2b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=4.12.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:20:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5584
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
162.240.18.185 200 OK 2.5 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6603)
Hash ec6dcd00af82068551b3a60045c86824
140ac89dc8ae6ffebecb269e0ebd88bfbc0c2686
1a9a7a2329ce40bd74814e4f6acaddce722e9b53187fb109f39e793ffe50c46e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2543
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/timetable/js/jquery.carouFredSel-6.2.1-packed.js?ver=5.3.13
162.240.18.185 200 OK 14 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/timetable/js/jquery.carouFredSel-6.2.1-packed.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (35720)
Hash f48438b9b3cd22e933b6408a2fe86397
e95fcf6a726c30b263d3b32e3de897c5165f699b
b53af328914d83d51645d96277131c01bb09eff1b6040bb9d6a9be3feef98685
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/timetable/js/jquery.carouFredSel-6.2.1-packed.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:25:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14158
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/timetable/js/timetable.js?ver=5.3.13
162.240.18.185 200 OK 2.3 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/timetable/js/timetable.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (301)
Hash c792ad70c640a72e0a01d3f2aa203ac4
8ef36ba33cefdbb2c63823ca3ba907544bc3fd17
8a48a3b3235611ce2e63354446d6ec440df658a267e3be28d14e2e646d044a66
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/timetable/js/timetable.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:25:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2284
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
162.240.18.185 200 OK 991 B URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2927)
Hash 0a9656f23585bbaa3376e904fa025a7f
37b57e7fa8a0ab85bc257573847acc1b4fa94dcc
4c9c329df2e0b3306dd4838ce24ae58eb441bcf4c6067899a97323c8d688c59d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 991
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
162.240.18.185 200 OK 3.1 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10694)
Hash 10aa8ebc5880a6468df6f5fc1e6e6382
26c55c30b7ab074ba81a638125fd256108df0591
4c64c3fa0a59f218045cc60a960df7e37c7e0157cc886fb0758c200bbe02ac95
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.11.4 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3053
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/smoothscroll.js?ver=1.2.1
162.240.18.185 200 OK 2.3 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/smoothscroll.js?ver=1.2.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with very long lines (4664), with CRLF line terminators
Hash d040a04237efc7612502ec65b3d544fd
cda4746b34259099d891b4c7a5ab0b2e4d4e8a10
c66ec563e047c1efa5213f2fc50e7b7c0ce07fc9065f43d4aa22c5128ce5df92
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/js/smoothscroll.js?ver=1.2.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2335
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/history.js?ver=1.0
162.240.18.185 200 OK 4.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/history.js?ver=1.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with very long lines (15523), with no line terminators
Hash c0493c092e44bc6248bcae343954c33b
26c627c65bb0f5721064b2b85768a230b52dd032
425bc1902d2866b871558354b5735f9e2df2d0ab72b3f686ce7ef1da83f75670
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/js/history.js?ver=1.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4621
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/ajaxify.js?ver=1.0.1
162.240.18.185 200 OK 2.7 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/ajaxify.js?ver=1.0.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (560), with CRLF line terminators
Hash af615c070cd08509b6640b9c7787d129
a370e70aa9399df9ec19c7ac76251cef31b35a7b
61c1ff92f19547158f1351b3eb45d84ae3661404a1faafa0b6e177fb5a7f1ca2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/js/ajaxify.js?ver=1.0.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2682
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.3.13
162.240.18.185 200 OK 544 B URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1193), with no line terminators
Hash 870e62eb8921f70bcf00a1733c08f781
5748aa9c058425ddabb84c54f40e7a99a91a84df
5ba400fa8fd07b476630daba4694f437a3665b1491538224b530090ec16d6c8e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 544
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/owl.carousel.js?ver=1.3.2
162.240.18.185 200 OK 6.7 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/owl.carousel.js?ver=1.3.2
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14916), with no line terminators
Hash fb2a176c9b9a134a2ef06ec24b2a6a94
d39a07e91936a60493aa17833179c3546dd917cc
3c7b0b46f2b4ec3784e5fc4e57d39ff7f787ab948c98bb76269ed65791d1c2e1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/js/owl.carousel.js?ver=1.3.2 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6677
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/hammer.js?ver=1.0.7
162.240.18.185 200 OK 4.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/hammer.js?ver=1.0.7
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12844), with CRLF line terminators
Hash fbac9ac5f1fc15369d96337ff81df1d4
3735b9ece8b644e183d11b1cdd51681844203b89
7cfdbb789915626e71fde1c4e78c2ed4a026b3796a047c0f7fd2e6676b44303f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/js/hammer.js?ver=1.0.7 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4158
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/easing.js?ver=1.3
162.240.18.185 200 OK 982 B URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/easing.js?ver=1.3
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (3524), with CRLF line terminators
Hash b98437c0d02408e7cee44fc9ce02f9d6
412a27994e77ef65187e9045b694c5d8889f6922
4001560e365b23bc596a446f76fa17bc8cbb6a49a5e1baff1b57597e217d55c4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/js/easing.js?ver=1.3 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 982
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/js/isotope.js?ver=1.5.25
162.240.18.185 200 OK 16 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/isotope.js?ver=1.5.25
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32031), with CRLF line terminators
Hash 03555f0dca70735109922ef8ff5754a4
63bbdb7202bfcac199871a441026a70660874363
425f590a3310b3e6fc37c5462f7a3db31816be7fd79eb617d751303d4b30d8b0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/js/isotope.js?ver=1.5.25 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16010
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
162.240.18.185 200 OK 40 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65266)
Hash 61ff6655f5299578163cd725afd1d6cf
521dded8de0e20ab68cfffb57cba7f5a8162ef2f
afe837713fc108b4965860651da3f4da1fd1c39eece21b2c21855de0d08d901a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:10 GMT
Server: Apache
Last-Modified: Tue, 08 Oct 2019 16:06:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39664
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f24f49dce99bf22d6f1834c2f702f1f4
5c683d0f6be8cd1a60d95a0cb892007f4363005a
3b3e804ba36f52b1aaad872cd62a8b1f67d59a41c62a68c96d13605103329ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/themes/mobius/js/sly.js?ver=1.2.2
162.240.18.185 200 OK 6.9 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/sly.js?ver=1.2.2
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (548), with CRLF line terminators
Hash 5dd92adefaa849e387903876fd22ced7
ff410bbeae31ab45ea77abc3935e166c57981634
e35e30823e1d2b48d1024dd4e97ca9aff07ab8f94376a289eb3312e1149a1804
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/js/sly.js?ver=1.2.2 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6928
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
static.doubleclick.net/instream/ad_status.js
142.250.74.166 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 19:12:37 GMT
expires: Thu, 06 Oct 2022 19:27:37 GMT
cache-control: public, max-age=900
age: 154
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/themes/mobius/js/custom.js?ver=1.0
162.240.18.185 200 OK 24 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/js/custom.js?ver=1.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 3431c26500083ddce78fbae9f9950f0a
936f3a4da33b1c4bad1c9b11ce8224ada456711a
5f9339e80e163d8277de15b569ed7ed7055deb39aba6576c6a3f8862b0b17c98
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/mobius/js/custom.js?ver=1.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 23577
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
googleads.g.doubleclick.net/pagead/id
142.250.74.130 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 06 Oct 2022 19:15:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f24f49dce99bf22d6f1834c2f702f1f4
5c683d0f6be8cd1a60d95a0cb892007f4363005a
3b3e804ba36f52b1aaad872cd62a8b1f67d59a41c62a68c96d13605103329ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/themes/mobius/includes/mobius-grid/mobius-grid.js?ver=1.0
162.240.18.185 200 OK 8.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/includes/mobius-grid/mobius-grid.js?ver=1.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 81546b14db6916a132a759086284b173
0f4a84d3eb6114c63deaa40c17df6c3152e2ac73
5d48013a0ea18d50769f60c78b0501d936d2f2493b044ead57da80aa358e17e6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/includes/mobius-grid/mobius-grid.js?ver=1.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8636
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/comment-reply.min.js?ver=5.3.13
162.240.18.185 200 OK 1.1 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/comment-reply.min.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2337), with no line terminators
Hash 7735003b7e944da3b7243ff1b7154ea2
49b2bcc84b13060be0104b5fa2b605ce549f735b
0a9b6c4d112f01e0fce026b91567f4cb562d8019dff557aaafe7fad2b4328e0d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/comment-reply.min.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1115
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/hoverIntent.min.js?ver=1.8.1
162.240.18.185 200 OK 464 B URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1087), with no line terminators
Hash 8f4371b1904703da700396e57cc2851a
f54f9c7e30117a26c096246800ad37684c3bb0f1
a90b06b6d4dc6446fd5e62dda1ae66d75edac1358c6abf8fadd1729d6e35f3ae
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 464
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 06 Oct 2022 19:15:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.8
162.240.18.185 200 OK 4.9 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.8
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (315)
Hash 6d71775bb4f2598951d84e6060cdd6bb
fe7bdba159ad64f11a43a49440ecd79c6a30d623
48cd1ae0e8af4770be4566a7346e95aa9ca49a6f830f6110e7ad30f7a2aff2ef
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.8 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 16:53:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4877
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36351)
Hash fca4c84446cae474dbf63fcf44f061ca
399275019a515b324eb48ac6f2042f30dd15cd18
86a4021c55d56c050bc7e8de79f895d7555279bccbc8777f975f0945a5a2a4f2
GET /js/th/qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14350
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:28:36 GMT
expires: Thu, 05 Oct 2023 16:28:36 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Sep 2022 17:00:00 GMT
content-type: text/javascript
age: 96395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-includes/js/wp-embed.min.js?ver=5.3.13
162.240.18.185 200 OK 739 B URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/wp-embed.min.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 739
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/owl.carousel.min.js?ver=2.2.1
162.240.18.185 200 OK 11 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/owl.carousel.min.js?ver=2.2.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31997)
Hash 147ac1c530c19c721f2f08015355831f
36666c04ebfd91eb34a2bccfd77d5921f149719e
ad388396f2600caf304c74c3255d0cb91ec3eb6979eece045c096b4b8f0e0f3c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/owl.carousel.min.js?ver=2.2.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11412
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 130ee302a2d581b152c8beccdc64866e
41fba8278d61fd6638376868fbe50c752f858b44
5345486b353cd67707512700d28f5937d9ad53f23b590e82cb624f1e509c1943
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/slide-anything/js/jquery.mousewheel.min.js?ver=3.1.13
162.240.18.185 200 OK 1.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/js/jquery.mousewheel.min.js?ver=3.1.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2584)
Hash baa502474e995cb5ba0a43384a27f0d1
7febb2289457a9af12730eaaed84c9e02e324255
685feab12164cec640fd0a2fb698d5ca4eaf891c189848d93de93b101ad6dc9b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/slide-anything/js/jquery.mousewheel.min.js?ver=3.1.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1169
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/owl.carousel2.thumbs.min.js?ver=0.1.8
162.240.18.185 200 OK 1.1 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/owl-carousel/owl.carousel2.thumbs.min.js?ver=0.1.8
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3342), with CRLF line terminators
Hash b73b5add629a56b75f0c98a429ae5ade
6138f6ff859182b709cb773b0e641f92a6f8bc9d
e8aa170ef38d96f64e7bad146918fe21601d37396f46eeede1d74977160f5a54
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/owl.carousel2.thumbs.min.js?ver=0.1.8 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1123
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
i.ytimg.com/vi_webp/ZhZq4vPVxUA/sddefault.webp
142.250.74.118 200 OK 20 kB URL HTTP/2 i.ytimg.com/vi_webp/ZhZq4vPVxUA/sddefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52af072208f08fa7d2554cc6f8f2dbff
61352d905c5c7e28b303db7d375d5c7a5d1775ef
d4ed09e9e08071f092db0cafdbc352ccbdce273ceb8b4f66b5ad6ba2b6a15c7f
GET /vi_webp/ZhZq4vPVxUA/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 20392
date: Thu, 06 Oct 2022 19:15:11 GMT
expires: Thu, 06 Oct 2022 21:15:11 GMT
cache-control: public, max-age=7200
etag: "1658872534"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/lightgallery.min.js?ver=2.5.0
162.240.18.185 200 OK 13 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/lightgallery.min.js?ver=2.5.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (46692), with CRLF line terminators
Hash 581527fde8136e7b343c54e9f040b5e7
a1fe6dd6918fee76022000b54aa236758467353f
14246648459fdc0c6d83280369b4ccb0a31c5655f328f4fa9dc4e3d5852a155a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/lightgallery.min.js?ver=2.5.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 13419
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 130ee302a2d581b152c8beccdc64866e
41fba8278d61fd6638376868fbe50c752f858b44
5345486b353cd67707512700d28f5937d9ad53f23b590e82cb624f1e509c1943
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/plugins/video/lg-video.min.js?ver=2.5.0
162.240.18.185 200 OK 2.7 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/plugins/video/lg-video.min.js?ver=2.5.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7930), with CRLF line terminators
Hash 9747bb69664d17900c0baa4083a3e3e7
7b6a5a3cc7adf45d9553665b36d970d8521a6bfd
9f874a1ca7c9cb2c8afccb7b1f8d65163de2dfdc2cce0554bd517d5546cdc3ad
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/plugins/video/lg-video.min.js?ver=2.5.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2661
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e706a7ca51cd91bb00f8e3d31b6e0005
92b4ca2e474ecc44c455bb853a3078bf5bd3ae1d
1b10c86665080657cb3711f81ea96a414aee8abff99883c23987940fe93fd73a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/plugins/zoom/lg-zoom.min.js?ver=2.5.0
162.240.18.185 200 OK 4.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/plugins/zoom/lg-zoom.min.js?ver=2.5.0
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16206), with CRLF line terminators
Hash 9ead6b7b1e6d73adc95d85f22c8aa076
3d82ad0d592b25e33b90c6cac9d10bdc79d85cf0
031cf2c4cc77db9df7a8d28b34d9a9c7c6380638923a29e59fcb2fde53f7d1cf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/plugins/zoom/lg-zoom.min.js?ver=2.5.0 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4553
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Lato%3A400%2C700&ver=5.3.13
142.250.74.10 200 OK 1.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C700&ver=5.3.13
IP 142.250.74.10:0
File type ASCII text, with very long lines (3955), with CRLF, LF line terminators
Hash 658f6ceb96d83b4293f9933faaff2535
a49f6f08a01182c6ae710d4b174c1c95b4f396b7
04c5ba5e1c8581ea1326c879dd23a771da28cb41c5f53fba559cb92aa817dab1
GET /css?family=Lato%3A400%2C700&ver=5.3.13 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 19:15:08 GMT
date: Thu, 06 Oct 2022 19:15:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=4.12.1
162.240.18.185 200 OK 2.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=4.12.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7808)
Hash ce37923565b26522f8e8cbd5070f03a1
139bdb311e96f326a2a7040e012a32bfa5331251
2c3ab394646b898c62e876a367ca8ac8dd9a81ff46559d3e4765487b7125b0d3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=4.12.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:20:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2615
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/player.min.js?ver=2.17.1
162.240.18.185 200 OK 6.4 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/slide-anything/lightgallery/player.min.js?ver=2.17.1
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17563), with CRLF line terminators
Hash 08688da66180907984b68cfee42e035b
b1d5f7fe7238a21d4624bec58c8dd7088ae84ba8
17ff02dfc275cc8d4336853b86bbed9cc1ee378def437ed5ba4a6a96dc3deb77
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/player.min.js?ver=2.17.1 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6367
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
162.240.18.185 200 OK 4.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.3.13
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10927)
Hash cecddf5ddbcefd9b5e6e2c9ccf2b0f88
47af5b49999884a7baa802269b58844df86adda3
17273e8bdfa2d374b963fda5ed3fff219ee4d53031356c6181430f92aea473e7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.13 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:21:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4619
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
hbcsaude.com.br/wp-content/themes/mobius/css/icons/steadysets.ttf
162.240.18.185 200 OK 18 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/css/icons/steadysets.ttf
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoonVersion 0.0icomooncmo \012- data
Hash 42f96ff6fdaa4fbf084aa78d2aeb58da
56af19f531cf93090d02c385fad87d89a5efc319
3b8883d87636bb722118841b45ada3d635a19e87df3d6cdf51ddd7acb922bcbb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/css/icons/steadysets.ttf HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/wp-content/themes/mobius/css/steadysets.css?ver=5.3.13
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 17775
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: font/ttf
hbcsaude.com.br/wp-content/plugins/js_composer/assets/css/lib/vc-open-iconic/fonts/vc_openiconic.woff?54101537
162.240.18.185 200 OK 14 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/js_composer/assets/css/lib/vc-open-iconic/fonts/vc_openiconic.woff?54101537
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 13824, version 1.0\012- data
Hash 2e3659f9fd0120142d7f9c83a931a9ac
4a363ad9713b437d24ea439440a305d513a203fa
9481a3c25a8288bb2e83b3338fb221c550fa6c7956452a1642dcc5e0038e245c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/lib/vc-open-iconic/fonts/vc_openiconic.woff?54101537 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hbcsaude.com.br/wp-content/plugins/js_composer/assets/css/lib/vc-open-iconic/vc_openiconic.min.css?ver=4.12.1
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:20:20 GMT
Accept-Ranges: bytes
Content-Length: 13824
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: font/woff
hbcsaude.com.br/wp-content/themes/mobius/audio/blank.mp3
162.240.18.185 206 Partial Content 2.6 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/themes/mobius/audio/blank.mp3
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6038184291591b93ba94fcd8420c9ab4
bba823ab3850426685381b51b02090ac035b8b76
d4456afe44accf096ab49198ff57823eeb34ce5f51c904f18771645a8ec897f5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/mobius/audio/blank.mp3 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Sat, 05 Mar 2016 04:00:00 GMT
Accept-Ranges: bytes
Content-Length: 2649
Vary: Accept-Encoding,User-Agent
Content-Range: bytes 0-2648/2649
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: audio/mpeg
hbcsaude.com.br/wp-content/uploads/2017/09/logo.png
162.240.18.185 200 OK 16 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/09/logo.png
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 720 x 527, 8-bit/color RGBA, non-interlaced\012- data
Hash a0d207dafbb1d93da595234ed3906a08
f01a959c00e4ed41e6bb8c87fb549615ec7bc560
e1c529d68e5d79b0ce269142e4052117e18798baabc559a3eae53ed6587796e4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/09/logo.png HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 25 Sep 2017 22:39:01 GMT
Accept-Ranges: bytes
Content-Length: 15464
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
hbcsaude.com.br/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
162.240.18.185 200 OK 72 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://hbcsaude.com.br/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=4.12.1
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Wed, 20 Sep 2017 23:20:20 GMT
Accept-Ranges: bytes
Content-Length: 71896
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: font/woff2
hbcsaude.com.br/wp-content/uploads/2017/11/ans.png
162.240.18.185 200 OK 6.0 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/11/ans.png
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 56783b3549ad7188c02d11ad40250bd5
945eee9c35413aa647114e8775fedfc49160cf01
1facd0b1731f3a84e1310cb9727923cebc3d1761353cee1277fe50f1ab9e1b6b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/11/ans.png HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Mon, 27 Nov 2017 22:35:39 GMT
Accept-Ranges: bytes
Content-Length: 5995
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
yt3.ggpht.com/ytc/AMLnZu9TRQT3RBR1frfmhVCA9ukDpcHJIMnl_vSXWK2e=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 2.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9TRQT3RBR1frfmhVCA9ukDpcHJIMnl_vSXWK2e=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash ded8e4fd0c24f8472eb17cc287c41ca9
bc1cc67c11b71cc3a1e5c0798f2c51c35a66bd19
49af80aac47c50f8392fef2927e7ae3f014b67fb8a11548112a60fa62e96f942
GET /ytc/AMLnZu9TRQT3RBR1frfmhVCA9ukDpcHJIMnl_vSXWK2e=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6"
expires: Fri, 07 Oct 2022 19:15:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 19:15:11 GMT
server: fife
content-length: 2320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/uploads/2014/06/ans.jpg
162.240.18.185 200 OK 9.9 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2014/06/ans.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 405x59, components 3\012- data
Hash 98281a3760727d9f671a18c296487d90
9f2a7c874b1b91e081f2c4d1a5404674f5512f7e
8be54e8b0db72fde5fdb0117e5103d2f1db55ad596250175d71f253353cc3c0f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2014/06/ans.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Sun, 05 Nov 2017 23:48:41 GMT
Accept-Ranges: bytes
Content-Length: 9857
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:15:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hbcsaude.com.br/wp-content/uploads/2017/10/HBC-Fachada-01A-500x350.jpg
162.240.18.185 200 OK 49 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/10/HBC-Fachada-01A-500x350.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x350, components 3\012- data
Hash 46f52f9c487b8637395bad5d288c6e65
729279e5be88bbeab1d35720c62dc6f847421e72
eb5613992d563a695ddaacbd5508feb96f38a7b521e40fcffc8d78b2d7cb869c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/10/HBC-Fachada-01A-500x350.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Thu, 17 May 2018 15:19:45 GMT
Accept-Ranges: bytes
Content-Length: 49242
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2017/10/2-500x350.jpg
162.240.18.185 200 OK 47 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/10/2-500x350.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x350, components 3\012- data
Hash 5f75c7c1bdc29cdbda925b71cf3b2ecb
51b0458194790c29f387770df9973ced7f174d69
df1ce41ff62aeebf53a4e09a0e2197cf3abd9009df0bd82852de956cb2a82730
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/10/2-500x350.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Tue, 17 May 2022 22:58:57 GMT
Accept-Ranges: bytes
Content-Length: 46792
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2017/10/1-500x350.jpg
162.240.18.185 200 OK 54 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/10/1-500x350.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x350, components 3\012- data
Hash 4a7b9deee4431d9d481adf4abff314b6
4fcc740ba6b506050b8eda0eb433e9e15e02bce3
e40fe73200d5f78412d091b901fb06b70009ef9086c9473faff45b7ee23e871f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/10/1-500x350.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Tue, 17 May 2022 23:06:38 GMT
Accept-Ranges: bytes
Content-Length: 54396
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2017/10/H-Fachada-01-Final-500x350.jpeg
162.240.18.185 200 OK 42 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/10/H-Fachada-01-Final-500x350.jpeg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x350, components 3\012- data
Hash 183bf72e4cb9b8c4747423e56a61946e
57227118c4b76967f2c26fe4a1de816347cafde8
000a186558ba22ec1394ab5cd85e3a1a816cdfda6143da0fc05948f38d53aae2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2017/10/H-Fachada-01-Final-500x350.jpeg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Mon, 16 Dec 2019 22:34:35 GMT
Accept-Ranges: bytes
Content-Length: 42173
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 06 Oct 2022 19:15:12 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4819ea3e325b2ef7116e1e67098037c7
cb2afa2a02942204a54b7a07d48c048164f52e73
b4d54719238f284c93427868dcb2e8686e0cd15dbcb7513c0e8959234e89130d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1070
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 06 Oct 2022 19:15:12 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hbcsaude.com.br/wp-content/uploads/2014/06/fundo-site-verde-2.jpg
162.240.18.185 200 OK 191 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2014/06/fundo-site-verde-2.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 191 kB (190803 bytes)
Hash af1d9808bcaf7900297980e524e0782b
2c651f1c4f4334fc03ed7ac7974f93feed3be1b2
42e8ff447daf3f5a4e8624d6cb4d86d9c16265a55d3b050e42be98d1c4e312da
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2014/06/fundo-site-verde-2.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Tue, 17 Oct 2017 22:22:01 GMT
Accept-Ranges: bytes
Content-Length: 190803
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2020/03/bannerpost-500x350.jpg
162.240.18.185 200 OK 30 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2020/03/bannerpost-500x350.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Hash 19f612b19ceba6b9493d541cea3759de
dc61e0517f69802bbd15a6acfebe900451bbf254
e580b6fe5141bfd8d08faf9c139c1bdd4545d217a42983d9e365e438c15e5f9f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/03/bannerpost-500x350.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Fri, 20 Mar 2020 00:18:44 GMT
Accept-Ranges: bytes
Content-Length: 29613
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2017/09/cigarro-500x350.jpg
162.240.18.185 200 OK 18 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/09/cigarro-500x350.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x350, components 3\012- data
Hash aa82f66c42ffc987b04514525dcc072e
27e58fd97fa9b050f05f4712c17efd63edbe7591
b6b49ac9d390695e929ed78b8e1fd11baa26327b20108246e0dca96f6484158a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/09/cigarro-500x350.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Fri, 18 May 2018 15:17:14 GMT
Accept-Ranges: bytes
Content-Length: 18155
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2022/08/Slide03HBC.jpg
162.240.18.185 200 OK 146 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2022/08/Slide03HBC.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 146 kB (146007 bytes)
Hash 6ef8dead5d4add1f802954027df60751
f37a3dbac507c2ed8b48d1a83e9e6a7e97c70afe
e8fe72b002e5d32300acb52af25a234e64dd19573ba5f16ca0e3f54709d5554e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/08/Slide03HBC.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 22:58:42 GMT
Accept-Ranges: bytes
Content-Length: 146007
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2017/10/HBC7546-500x350.jpg
162.240.18.185 200 OK 27 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/10/HBC7546-500x350.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 500x350, components 3\012- data
Hash ccce9d9ec5fccca2d24d71bedb9806e0
18324bde2096f2013df9b1bcbb29cc840faf67b5
45a5160ea6b95f6df9ca9e135338e80d5d221a795aa15d2695cef4b8fd906d7b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/10/HBC7546-500x350.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Thu, 17 May 2018 15:44:50 GMT
Accept-Ranges: bytes
Content-Length: 27279
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2021/10/bigstock-Medical-physician-doctor-hands-84721406.png
162.240.18.185 200 OK 715 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2021/10/bigstock-Medical-physician-doctor-hands-84721406.png
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1422 x 701, 8-bit/color RGBA, non-interlaced\012- data
Size 715 kB (714760 bytes)
Hash e594699e0f1e23a360647ee9b9858027
6a6dd8658f7168a039ae67f216b5b587e4006123
4078254808ff9b2fbc7b8350dd45301494792cc477a13e7703847475a210afcc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/10/bigstock-Medical-physician-doctor-hands-84721406.png HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 02:51:00 GMT
Accept-Ranges: bytes
Content-Length: 714760
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/png
hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/images/td_back.gif
162.240.18.185 200 OK 141 B URL HTTP/1.1 hbcsaude.com.br/wp-content/plugins/cookie-law-info/legacy/images/td_back.gif
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 2000 x 2\012- data
Hash a551360d5d4066c870b637984eb1354d
14d0f2ee77bca90917ba734488748eda355bb857
1aee2fa9788e4730635a08157f32cfddd85c159e7452dedc8019d05ac05ce3a4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/cookie-law-info/legacy/images/td_back.gif HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2022 17:33:18 GMT
Accept-Ranges: bytes
Content-Length: 141
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/gif
hbcsaude.com.br/wp-admin/admin-ajax.php
162.240.18.185 400 Bad Request 21 B URL HTTP/1.1 hbcsaude.com.br/wp-admin/admin-ajax.php
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type very short file (no magic)
Hash 7ac8c27439ed6e2a30373651a2898777
1249bc89db36deb369d6388319453f015bd83e04
e240a7a561e7c84b32d4695ddc4c0d6c38a8e0c3f2581711c1971680f033437e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: https://hbcsaude.com.br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 400 Bad Request
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Access-Control-Allow-Origin: https://hbcsaude.com.br
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21
Connection: close
Content-Type: text/html; charset=UTF-8
hbcsaude.com.br/wp-content/uploads/2021/10/bigstock-Medical-physician-doctor-hands-84721406-mobile.jpg
162.240.18.185 200 OK 610 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2021/10/bigstock-Medical-physician-doctor-hands-84721406-mobile.jpg
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 361x398, components 4\012- data
Size 610 kB (610290 bytes)
Hash 71b41f7a18493923a187cb775234639c
acd8ac2890ae5013e14a3476f56e42d7024864c7
75e5e554c078aeec37d17064b45d6ff8d58e55046595e9bb1662ca42b0791aac
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/10/bigstock-Medical-physician-doctor-hands-84721406-mobile.jpg HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:12 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 02:50:46 GMT
Accept-Ranges: bytes
Content-Length: 610290
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
hbcsaude.com.br/wp-content/uploads/2021/10/5.Banner_Hbc-1.png
162.240.18.185 200 OK 2.1 MB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2021/10/5.Banner_Hbc-1.png
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 2960 x 1458, 8-bit/color RGB, non-interlaced\012- data
Size 2.1 MB (2085477 bytes)
Hash f6f328f2e69ea05126e9cf8210e3c6dd
877e07eb9038af3311754e0e6741cdb770c433bd
991e91dd868e27f9fa3cbde17bdbb163a13a50bb5910b69fb5ef555df5e34224
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/10/5.Banner_Hbc-1.png HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:11 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 20:29:11 GMT
Accept-Ranges: bytes
Content-Length: 2085477
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
hbcsaude.com.br/wp-content/uploads/2017/09/cropped-c2-32x32.png
162.240.18.185 200 OK 1.2 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/09/cropped-c2-32x32.png
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e61de4229eb5ad5abbf2d7b81faa186
e6a4fc35b3a0f150cca490c7e72edff995197270
f6dc1b955ff355dfb2ff7db3834650a2555d888f3b844fa1cddb2c55086ab580
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/09/cropped-c2-32x32.png HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:13 GMT
Server: Apache
Last-Modified: Mon, 25 Sep 2017 23:16:41 GMT
Accept-Ranges: bytes
Content-Length: 1213
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/png
hbcsaude.com.br/wp-content/uploads/2017/09/cropped-c2-192x192.png
162.240.18.185 200 OK 16 kB URL HTTP/1.1 hbcsaude.com.br/wp-content/uploads/2017/09/cropped-c2-192x192.png
IP 162.240.18.185:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash dc0e8d7a17be0afb4d2748171fb2e989
f785bb2efb19a7918d4b1518c8e094ff42ec4c65
9ecae9a84fbf63a9e48ea3d15f0a78199fd759880bf064e39bdb2420208f3a15
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2017/09/cropped-c2-192x192.png HTTP/1.1
Host: hbcsaude.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Cookie: wp_wpfileupload_adb5dcf7967adb2dbe37208297a0082d=CmRsETtKLHTw5jshLP9OaanqqbQxkeQx; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:15:13 GMT
Server: Apache
Last-Modified: Mon, 25 Sep 2017 23:16:41 GMT
Accept-Ranges: bytes
Content-Length: 16147
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/png
secure.gravatar.com/avatar/91bc53eadcee8cc2e015cc845a3c5e67?s=40&d=mm&r=g
192.0.73.2 200 OK 983 B URL HTTP/2 secure.gravatar.com/avatar/91bc53eadcee8cc2e015cc845a3c5e67?s=40&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 40x40, components 3\012- data
Hash 75dfb23da6e6730d066e698773b3fd45
3b45961e6fcf7708b89f59d28b18edc96a641016
ca775cd8ab837239f9497e8afe90403d78cb37581c0adfe4003012d24bea020e
GET /avatar/91bc53eadcee8cc2e015cc845a3c5e67?s=40&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 19:15:13 GMT
content-type: image/jpeg
content-length: 983
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/91bc53eadcee8cc2e015cc845a3c5e67?s=40&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="91bc53eadcee8cc2e015cc845a3c5e67.png"
expires: Thu, 06 Oct 2022 19:20:13 GMT
cache-control: max-age=300
x-nc: MISS arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/embed/ZhZq4vPVxUA
142.250.74.14 200 OK 0 B URL HTTP/2 www.youtube.com/embed/ZhZq4vPVxUA
IP 142.250.74.14:0
GET /embed/ZhZq4vPVxUA HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hbcsaude.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 19:15:10 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8_ciFtCsWz8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=osFPuxiACLw; Domain=.youtube.com; Expires=Tue, 04-Apr-2023 19:15:10 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+992; expires=Sat, 05-Oct-2024 19:15:10 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/55fdc514/player_ias.vflset/en_US/base.js
142.250.74.14 200 OK 0 B URL HTTP/2 www.youtube.com/s/player/55fdc514/player_ias.vflset/en_US/base.js
IP 142.250.74.14:0
GET /s/player/55fdc514/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/ZhZq4vPVxUA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 592045
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:57:40 GMT
expires: Thu, 05 Oct 2023 14:57:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:20:53 GMT
content-type: text/javascript
age: 101850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2