20.127.73.94/
20.127.73.94 302 Found 0 B IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
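Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
(These three values are the digests of empty input, consistent with the 0 B body of this redirect; they identify no content and are not usable as indicators.)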
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
X-Powered-By: PHP/7.4.33
location: consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12892
Expires: Fri, 09 Dec 2022 01:57:53 GMT
Date: Thu, 08 Dec 2022 22:23:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10966
Expires: Fri, 09 Dec 2022 01:25:47 GMT
Date: Thu, 08 Dec 2022 22:23:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5132
Expires: Thu, 08 Dec 2022 23:48:33 GMT
Date: Thu, 08 Dec 2022 22:23:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 22:08:14 GMT
content-type: application/json
age: 887
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LspuYVlAIsfv3/06hoKXoIuxGXksEqpn92zKu7sXCi6qBz1LPq/f8nVlzjZsQqz+HOGeOi5ffcc=
x-amz-request-id: CD9VWRA3V6YCXFS9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 21:49:58 GMT
age: 1983
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
20.127.73.94 200 OK 9.5 kB URL HTTP/1.1 20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash cf3ce37464a8a956bf3907aafcf6c29a
7ef5f09abec9000dba67ea0065e86289e9d69edb
061246ce066914334be39ec36fb9fd7a6bcdd77c7c5994cea2bceb1652a96a9d
Analyzer Verdict Alert quad9 Sinkholed
GET /consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
X-Powered-By: PHP/7.4.33
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 22:23:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.127.73.94/arquivos/clientlib_004.css?the=1670538181
20.127.73.94 200 OK 11 kB URL HTTP/1.1 20.127.73.94/arquivos/clientlib_004.css?the=1670538181
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (10672), with no line terminators
Hash 172f191e67018804bb45aa252d7d0b66
c501b95a5c49e2467a87e9f8ee2f212bea4ea6c9
c23e4204d2d67a1fbff2dfb2077f8314771dd9c19930c08900ba119984c61e43
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib_004.css?the=1670538181 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Fri, 23 Sep 2022 18:12:49 GMT
ETag: "29b0-5e95c20314e5c"
Accept-Ranges: bytes
Content-Length: 10672
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
20.127.73.94/js/all.js?the=1670538181
20.127.73.94 200 OK 5.4 kB URL HTTP/1.1 20.127.73.94/js/all.js?the=1670538181
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 9e708cd435bb1be517ee78daee6c4075
59ae427e42ecdc98b13535b783f681674fbad8ec
aaf5bcfe75e9eb9284c152c6c02151ae7d2374b9f0a21eae93be227ba38e82e9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/all.js?the=1670538181 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Wed, 23 Nov 2022 05:08:48 GMT
ETag: "152e-5ee1c48a52b98"
Accept-Ranges: bytes
Content-Length: 5422
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
20.127.73.94/arquivos/clientlib_006.css?the=1670538181
20.127.73.94 200 OK 1.8 kB URL HTTP/1.1 20.127.73.94/arquivos/clientlib_006.css?the=1670538181
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1776), with no line terminators
Hash 46b9fb40bb1fd5a34f0365250218e9ac
47b28f5619a753e7152c75f3e6652b522b0b89f3
cb5b54cbc3bce8733c8de870ca3cfe17e4c8551d68f43c96955d08c7f8704044
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib_006.css?the=1670538181 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Tue, 28 Jun 2022 16:45:13 GMT
ETag: "6f0-5e284c2b81a1c"
Accept-Ranges: bytes
Content-Length: 1776
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 22:07:55 GMT
age: 906
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
20.127.73.94/js/jquery.js?the=1670538181
20.127.73.94 200 OK 92 kB URL HTTP/1.1 20.127.73.94/js/jquery.js?the=1670538181
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash ea4909575690b056ada9f6c420cd4dcf
6c1ed3f126066c3e421926aa16287d06afbb837c
43895fc00c1c429171b35473145ec6a95d7a6df2ee479552e85a823c83a765fd
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery.js?the=1670538181 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Sat, 06 Nov 2021 20:05:18 GMT
ETag: "1671e-5d0244761c6bd"
Accept-Ranges: bytes
Content-Length: 91934
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
20.127.73.94 200 OK 610 kB URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (29352)
Size 610 kB (609637 bytes)
Hash f006d2ad4309533c549de917feeb8b77
de400a65e26e48717e77e055d3e1b9059563425b
06d28cd86c35bcacf9ade088b665c4f88cb63b23c65066f1c9894923fad1c314
Analyzer Verdict Alert quad9 Sinkholed
GET /arquivos/clientlib-base_002.css?the=1670538181 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Tue, 28 Jun 2022 16:45:13 GMT
ETag: "94d65-5e284c2b7c042"
Accept-Ranges: bytes
Content-Length: 609637
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3639
Cache-Control: max-age=128669
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 22:23:02 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:07:31 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
20.127.73.94/arquivos/clientlib-base.css?the=1670538181
20.127.73.94 200 OK 1.5 MB URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base.css?the=1670538181
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (12898), with CRLF line terminators
Size 1.5 MB (1509440 bytes)
Hash 8264f04a7900c84c8c816b678a414c8a
2f17179466cf5129c144d7ba14ca588300c14917
f5cf223060a46c01542aa55459df53fd5b67f7737c1efd5c33f2afcf39f61b12
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base.css?the=1670538181 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:01 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Wed, 23 Nov 2022 05:12:54 GMT
ETag: "170840-5ee1c57508d22"
Accept-Ranges: bytes
Content-Length: 1509440
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.41.252.32 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
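Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
(These three values are the digests of empty input, consistent with the 0 B body of this WebSocket upgrade; they identify no content and are not usable as indicators.)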
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: g3ebsYcGcjNoqL3Wx7NlMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LoHKruL7OXJ4+oPrTIO3CVRQkPk=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:23:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 22:23:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1a13d12c326848d5b7adeb2562a35a5
d795c519ea637a213aab1d80daaf44ce5ad19069
f7b99c93b99268e1b2fa438d493cf23cd75a98833710ddd22b5278a76e9f019a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 05f49b7c-7c76-4df4-8258-c270078d8fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctl_TH-KoAMFkWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9fb-1971e1e0359763a96b4d320b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:06:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BEsmH1BkWu_c_-qHStWD1CT1Lx1AZVcw9tnLcoGZCmnjwFWdtB7BRA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:39:43 GMT
age: 42199
etag: "d795c519ea637a213aab1d80daaf44ce5ad19069"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 1898
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1be0ae00ba0c6009ac14c8df38b8ad0
33edd1469c54a08e3c4cb0003b87b225eba55b3f
ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3030
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUqCFWBoAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 39894
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
20.127.73.94/arquivos/hp.png
20.127.73.94 200 OK 96 kB URL HTTP/1.1 20.127.73.94/arquivos/hp.png
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 2160 x 947, 8-bit/color RGBA, non-interlaced\012- data
Hash e586eee4c4165bf8cbabf553a08b8f11
b16cb6cf99843ee783c93d70a277cb029e0792a2
e48d5cc072e80627b97d8f5d268cba9e63ab801856a9ce7bb4c149e6ea389deb
Analyzer Verdict Alert quad9 Sinkholed
GET /arquivos/hp.png HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Tue, 20 Sep 2022 19:32:27 GMT
ETag: "178cc-5e920e3695977"
Accept-Ranges: bytes
Content-Length: 96460
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 59933
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: b1cf2094-2cf5-4e19-9ed7-4d7e220c93cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUoREPoIAMF4hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391349b-1b78fe0a155179643ae2aeed;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YMFI6I2o0A4rGZTluooPsDLGNRRY9kSAfDAFrwzXhIG4HC_W-hFIoQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:31:33 GMT
age: 39089
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ed82780732ed682ee46b2df52b3ca2
0b3fe77e142178561b28c93b94b1aea2e1c395a5
383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0hIxbSpQqCv6Ud-7HmBaRxkFrdLYrV-Lr2u3nIzd8jPXpQ8E7ahp1g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 39894
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.eot
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.eot
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.eot HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauText/ItauText_Rg.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:02 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf
20.127.73.94 404 Not Found 299 B URL HTTP/1.1 20.127.73.94/arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cc51724fa1c869aadeff4ab46f497e7
b9244fa53e264da05cfd1e87a314f4c433e3066c
cdf1ddad636a4ddd7a535d51799217bcd5eebc511591862c2f15427dfb1d7141
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /arquivos/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.ttf HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/arquivos/clientlib-base_002.css?the=1670538181
HTTP/1.1 404 Not Found
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Content-Length: 299
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.127.73.94/arquivos/favicon.png
20.127.73.94 200 OK 6.8 kB URL HTTP/1.1 20.127.73.94/arquivos/favicon.png
IP 20.127.73.94:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 5f6b0de635850c7dfc8702db51cf1b45
98570ec7b49bb94015ac0a490fdf705cd0138418
30c80ffca91e91b997f389b9fb75ad9e4ce2eca5b9efc3575a9fe31f735f324e
Analyzer Verdict Alert quad9 Sinkholed
GET /arquivos/favicon.png HTTP/1.1
Host: 20.127.73.94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.127.73.94/consulte-sua-fatura.php?cartoes=home&id=MzY1Y2MzY2Y3NzJjODkzNWRlYTQyZTNlNjBlMGI3MDY=&the=theking
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 22:23:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.33
Last-Modified: Tue, 20 Sep 2022 19:35:24 GMT
ETag: "1a90-5e920ee0132d9"
Accept-Ranges: bytes
Content-Length: 6800
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:48:32 GMT
age: 2077
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.127.73.94/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 22:23:01 GMT
date: Thu, 08 Dec 2022 22:23:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2