firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash cd8d0809aa5948f2a6ee41d2158861af
098cd24ac587cdc70137af412678526de4d43969
88e6741d6bf076bf7132c7cf98456702cc775476095aafd839888edff52fb03e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Alert, Retry-After, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 24 Oct 2022 21:53:04 GMT
Expires: Mon, 24 Oct 2022 22:03:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qNMDbcIW84ool0SPkwyMv2CGw-c-b_HZxEuTRpeNJygJUyCzXws_UQ==
Age: 1052
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3347
Expires: Mon, 24 Oct 2022 23:06:23 GMT
Date: Mon, 24 Oct 2022 22:10:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16547
Expires: Tue, 25 Oct 2022 02:46:23 GMT
Date: Mon, 24 Oct 2022 22:10:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lau/6A2Io6ZsEQ4mOlp5Iq2LbtBSYWR63Zrn3PVT8IAfDX6eJlzITRYBR7MjlAweKQHId5gksuU=
x-amz-request-id: 4PBTGWMDAEPHG60W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 24 Oct 2022 21:38:32 GMT
age: 1924
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 24 Oct 2022 22:10:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 24 Oct 2022 21:33:32 GMT
Expires: Mon, 24 Oct 2022 21:59:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OcsoWZZ6YZTF5rJt4ZhA2IPYU3CGZ7_g2Ww1WdGkNEsJezQxuybL3w==
Age: 2224
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3174
Cache-Control: max-age=125342
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 22:10:37 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 08:59:39 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
dfalab.com.br/
192.185.216.180 301 Moved Permanently 0 B IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
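Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of an empty, zero-length body, consistent with the 0 B response; they identify no content and are not usable as file indicators.)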
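Analyzer Verdict Alert
fortinet: Malware
quad9: Sinkholed
(quad9 is a DNS resolver, so "Sinkholed" is a verdict on the hostname dfalab.com.br; this response is a 0 B redirect, so neither verdict describes body content.)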
GET / HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 24 Oct 2022 22:10:35 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://dfalab.com.br/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
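Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of an empty, zero-length body, consistent with the 0 B response to the WebSocket upgrade; they identify no content.)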
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xwfcnw0wMBCNpQwlfc9sqg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TfWjYle15ko4f5J6z6v63GR1xcI=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d1365610222a96283ae3874b06413dc
a6b1a9562f6148530dce89ccdbf76e136b213a7c
fc5d8716ec4d1fdff77f88463578f9e6d7c511267e58a4fa572c86bd4e1d6716
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5D8716EC4D1FDFF77F88463578F9E6D7C511267E58A4FA572C86BD4E1D6716"
Last-Modified: Sat, 22 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Tue, 25 Oct 2022 04:10:09 GMT
Date: Mon, 24 Oct 2022 22:10:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17140
Expires: Tue, 25 Oct 2022 02:56:18 GMT
Date: Mon, 24 Oct 2022 22:10:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4f6855f-9ed8-45f8-8210-2a1c3775084c.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4f6855f-9ed8-45f8-8210-2a1c3775084c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aeb6b1835d08c55cf42c944741534ed
2009d471c426326137be99f0becf8a04b51aae1f
368e0fc26b5cae86c8e3d4ea761a0cf8006853834b6c7d721b4ca53a0ced7bc0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4f6855f-9ed8-45f8-8210-2a1c3775084c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4461
x-amzn-requestid: 6a91b1ef-03ad-41a9-a7ef-79c9129773f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7m1eEUsoAMFq2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347b822-19570e781713e88644149419;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 07:02:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TJ09hafmsoFCDjrsKTmSFovCGUOCAYUK8uge9nyoe6ZFdtAAjnDswQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:57:04 GMT
age: 814
etag: "2009d471c426326137be99f0becf8a04b51aae1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 04:35:17 GMT
age: 63321
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65d8d48ccc1c14c53b1ab16057d641d8
36f72d915609993e908d41cb5cf0b1c6b4c79830
8558f68db30b99216752cc3b5861fdd315313821c81efbb56420b3d101cdc5b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6251
x-amzn-requestid: a81718c4-ac06-4388-bb9b-d92c02528226
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvM2E-ToAMFTQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f1e-2176b3c742eab3242fa1d58a;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: alnPUjWwzi5g_0XVI1Wmkavc2vnv6pqq8-WewDTX0XPyDAvwEqyudw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 07:30:48 GMT
age: 52790
etag: "36f72d915609993e908d41cb5cf0b1c6b4c79830"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e41dda631c7f2ee5e664d43e48af31
5a8579a70d8791a19e0192995c46594e242e864d
c26bec6c4527220272777fe7b3209d8726c94105955ef15f05a584bae50ae719
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d122f5c-ef0b-49a6-a68c-137a02ef7894.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: c37a1abe-9823-4181-a64f-5cc074cfdf2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3OeGxOoAMFtJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357058f-10c7cfed331c043e00a600e0;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:37:19 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: W3FmIxKlIU9N0kCfbiIqszSpbnmBk5gVmAOZ_w5e7a116zrKEeUpMw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:49 GMT
etag: "5a8579a70d8791a19e0192995c46594e242e864d"
content-type: image/jpeg
age: 1489
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8f7dec290a5b32d2e1760ea01e0f160
bac869e97622c00d8ba2349ac03c6390229f8929
aa5d7fcb93818d291acce653a883c312595314685b9de29d788491d9310efcbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ab86bff-a678-4d24-8c74-b3d5fb6495e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4513
x-amzn-requestid: 32d9a3be-9964-4e53-a31c-ca4edffab306
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: acDxnGtTIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354b33d-371bb2cb770b34624ec753de;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 03:21:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RRQUYwIoEf89Y2igmq4tQv6t8vlve9jeJrPqCE5uWe0yoYAO-ytvtA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 08:16:58 GMT
age: 50020
etag: "bac869e97622c00d8ba2349ac03c6390229f8929"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8502c90bf679dce29b1c2a87606bbb3e
7940c911dea3882ab8a7ff70240f4edc1b89a56d
ccc5ab3068b7f90276124148a812eb26951a95d7c146bdcf28a69a3d05f76ee2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 51dfaabc-ee88-465f-8da7-fd6739cf7794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZSHjHeLIAMF8mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635396fc-1e4ad2d647a7f07a094574be;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:08:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dgxcF8hXUOo_WqQwpd0yctMNPuB-IfmSRxD1_TRG7zuV3b5EbpVIig==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 07:28:23 GMT
age: 52935
etag: "7940c911dea3882ab8a7ff70240f4edc1b89a56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 22:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dfalab.com.br/wp-content/plugins/jet-menu/integration/themes/astra/assets/css/style.css?ver=2.1.2
192.185.216.180 200 OK 269 B URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-menu/integration/themes/astra/assets/css/style.css?ver=2.1.2
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash eb78b9b0f7ef3ff5dc1ef404aefae6ed
40df481daeb46da44d7731b18532e98ab727057c
ee3fb1cac060091031e831ac3baaccb79f1fc0cb341c6761f78b3a802af27d28
Analyzer Verdict Alert
fortinet: Malware
quad9: Sinkholed
GET /wp-content/plugins/jet-menu/integration/themes/astra/assets/css/style.css?ver=2.1.2 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:46:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 269
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.5
192.185.216.180 200 OK 12 kB URL HTTP/2 dfalab.com.br/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.5
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (37905)
Hash ed0964f12327a431cef2d3d9c856b4b5
b8b672059d2902b3e23fda9fdac8eae8e06fae86
95bb27be588ed911a79ba3b6346de56d52d470c855e3422282c1a92d80d37221
Analyzer Verdict Alert
fortinet: Malware
quad9: Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.5 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:33:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11503
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
192.185.216.180 200 OK 5.3 kB URL HTTP/2 dfalab.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert
fortinet: Malware
quad9: Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.185.216.180 200 OK 17 kB URL HTTP/2 dfalab.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-contactform/blocks/src/assets/css/style-index.css?ver=1.1.3
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-contactform/blocks/src/assets/css/style-index.css?ver=1.1.3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
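Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B body of this response; they match any empty file and are not usable as indicators for this URL, and the verdict below cannot stem from the body's content (presumably it reflects host or URL reputation).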
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/ht-contactform/blocks/src/assets/css/style-index.css?ver=1.1.3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:36 GMT
accept-ranges: bytes
content-length: 0
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.0
192.185.216.180 200 OK 9.7 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45679)
Hash 9271d7d2daee0a027c7269753f4b367a
d7ae1ccf3ded9a7b9e0a70ae5a7446bb28a40b77
4b02e2dded005cff6d8067d90787c71b1676ee871d679d997511aceaad7b4ced
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-engine/assets/css/frontend.css?ver=2.10.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:45:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9654
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/document-gallery/assets/css/style.min.css?ver=4.4.3
192.185.216.180 200 OK 329 B URL HTTP/2 dfalab.com.br/wp-content/plugins/document-gallery/assets/css/style.min.css?ver=4.4.3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1079), with no line terminators
Hash aaad9982cb235930957bf4b8e363ca20
dc9be7151e8983a34cfa127b61952f47723db56c
59ab3885a74897e1469f4333775002b3fb02de3075d20f206c199d9d863763b8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/document-gallery/assets/css/style.min.css?ver=4.4.3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 13:59:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 329
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
192.185.216.180 200 OK 215 B URL HTTP/2 dfalab.com.br/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (426)
Hash 9d32642fe94e8f0ec70965b2352a4605
56763124e9a6ef28f1964eda3c8929b07db9f5b8
cf4d839276d4f6fe895ca1db07fb3854e9b87699c7881ccf893ce6b38042259d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 14 Dec 2021 11:55:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 215
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 22:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dfalab.com.br/wp-content/uploads/elementor/css/post-1535.css?ver=1656546889
192.185.216.180 200 OK 623 B URL HTTP/2 dfalab.com.br/wp-content/uploads/elementor/css/post-1535.css?ver=1656546889
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3843), with no line terminators
Hash 164b105679208279c72ffa17c11a507f
c0923ae2f4192326c98b333697eacea146b9603a
930b162f876535bb87058c57da83949976727ed1f6ff727c21a42a777b47cdcb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1535.css?ver=1656546889 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 23:54:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 623
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/elementor/css/global.css?ver=1656516811
192.185.216.180 200 OK 4.5 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/elementor/css/global.css?ver=1656516811
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20083)
Hash 64a6e9ce77760a64fb8e413626237990
49055ae7d8d34145f1a2ade1dd39c8855f965949
caa2a5ea937b13c9d47d9d920c9a0e62a235e182984950287b7ddc02de2bb857
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1656516811 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:33:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4482
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
192.185.216.180 200 OK 7.1 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7112
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=1.9.0
192.185.216.180 200 OK 7.0 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=1.9.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 25263841367aa66a6fb15073081fab82
4e1b86b35b33350ea98bbe99e6f3d356bfe271c1
c0febc6e68d35bad3ead3a6241041b9f8d95e7ae16202dca2d2622f089de9d7a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/animation.css?ver=1.9.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6981
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=1.9.0
192.185.216.180 200 OK 11 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=1.9.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1028), with CRLF line terminators
Hash 26190acd7c55ff9712e1b4127e00e0f2
7d3d9dc9697e59dffb54ac738dac32a6ca38cc9f
eb7613c7d5c093ee7101cb03b8ac799e0f5cd48f56cf50e581ad6cff9a59e964
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/htbbootstrap.css?ver=1.9.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10910
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
192.185.216.180 200 OK 12 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56994)
Hash 679996d5299138b293afbc795394dce1
0013e232c7148dada891b8e4c2f3b0e157ac8ef0
29200ae412911cd51e033d79d4cd22c3cebf0a8cab0bc3460ed5b444fc41e8cd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/all.min.css?ver=5.12.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:46:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12372
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=1.9.0
192.185.216.180 200 OK 585 B URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=1.9.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 80fb313d60d9fe9e34829b3ca7124934
dcc4afdb85a1460bd06c1cc682cce35d8ec9f202
400f60aae89f3d5b5e02ff41438cbf2cdb7c9635a5013be14ab4813991337be8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/css/htmega-keyframes.css?ver=1.9.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 585
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/css/mega-menu-style.css?ver=1.9.0
192.185.216.180 200 OK 3.0 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/css/mega-menu-style.css?ver=1.9.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (658)
Hash 5b2405ee5dabaddd4e6635863d7c3fc7
a3b243318667f2910f2ac2c8f47eba176b340d16
5cb9f7a1cc512b3cb012e1aa629eef3514bb36bc0a9fea2a37857c2286492178
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/css/mega-menu-style.css?ver=1.9.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3048
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
192.185.216.180 200 OK 4.4 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26516)
Hash a1f6dbc278f1e8065888665c6f5401fa
a4773b7404f51ff32c42f5690e0d7d3c5b17081f
54c0e3379aa4f5aa469fbc17e0e3bab1df35cfe73ff6fdd901429ccecd18c863
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/lib/font-awesome/css/v4-shims.min.css?ver=5.12.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:46:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4436
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/js/htmegamenu-main.js?ver=6.0.3
192.185.216.180 200 OK 941 B URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/js/htmegamenu-main.js?ver=6.0.3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7cee753fd6981b8d10935f083140bed9
5001d18b7df407647d1adcd16c5c3a2c2eb8ddb2
48c56bcf11bcbb4fe1fcb3cb1cfb0da784692b5080b0adcdb7a896f3b12e193a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/js/htmegamenu-main.js?ver=6.0.3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 941
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/elementor/css/post-18.css?ver=1656516809
192.185.216.180 200 OK 356 B URL HTTP/2 dfalab.com.br/wp-content/uploads/elementor/css/post-18.css?ver=1656516809
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1118), with no line terminators
Hash b8a9a3f579193afae611ffb18b286adf
4cd714a79197bd4de1c2703e7e1dc9ac08324538
e6ca706384fab0a42014350ff8ea10348eebc5deb45d4ddf929615dd51b4dd37
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-18.css?ver=1656516809 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:33:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 356
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2021/12/back-to-top-e1639483145394.png
192.185.216.180 200 OK 1.4 kB URL HTTP/1.1 dfalab.com.br/wp-content/uploads/2021/12/back-to-top-e1639483145394.png
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 50 x 44, 8-bit colormap, non-interlaced\012- data
Hash 7248c78a34e1080dae43c860e28c5335
23302b06128b41d09fea4f0ced61d3b788273674
9e67cf94740b8a28dea74ddcd738f0bb4e10d2d9c92fdb97e00c853d5723fe13
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/12/back-to-top-e1639483145394.png HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 24 Oct 2022 22:10:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 14 Dec 2021 11:59:05 GMT
Accept-Ranges: bytes
Content-Length: 1376
Keep-Alive: timeout=5, max=75
Content-Type: image/png
dfalab.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.216.180 200 OK 4.6 kB URL HTTP/2 dfalab.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
192.185.216.180 200 OK 1.7 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1712
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/is-shallow-equal.min.js?ver=649feec00389556f8015a6b97efc1cb1
192.185.216.180 200 OK 529 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/is-shallow-equal.min.js?ver=649feec00389556f8015a6b97efc1cb1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1062)
Hash ec00c3f0fb903fd1eb376526f531e87a
0655e4c81e84b771297a8131564792e1f6f1c268
bb9eb1177ecd3c06514173f7ff03c217123d8b1bc2894e21821d77a24b0e2c4e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/is-shallow-equal.min.js?ver=649feec00389556f8015a6b97efc1cb1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 529
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/jet-menu/integration/themes/astra/assets/js/script.js?ver=2.1.2
192.185.216.180 200 OK 142 B URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-menu/integration/themes/astra/assets/js/script.js?ver=2.1.2
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 04831caec8032ab95d82a81b8e54464b
afbe0b3847bbbfee9d0d47a7e48dbd4b7983065b
01fbdc884789b264561945c8b1ab811b916a7cde64f65bddbeac6be862e58acc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-menu/integration/themes/astra/assets/js/script.js?ver=2.1.2 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:46:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 142
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
192.185.216.180 200 OK 999 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash 05e2ccec781ae289719bb26320d5cc40
60f3adc6dccea4df940d0f1579b83b06e715d0ed
1242f50bffe2d7745a712e1702f3f26a58d955fc110abf58599730fb6380a91c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 999
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
192.185.216.180 200 OK 331 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (463)
Hash ba2b50662c393ff6ba69961f66b24d5d
d5694f33b1072b13fc4c3989e90252c0b28030a2
79ad638f020827a6db341526b430e65459aa712bfbdcabf28bb013c6b2c715e9
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 331
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
192.185.216.180 200 OK 4.0 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19082)
Hash 1a51c193793d105fc6aaddfc3bc05349
238e509973276daa145be273af1aba0fbb3801bf
69e8578f795564941f826ab314ab57c83da7fb6ca7d9221c8df5f1e9081ae6e3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3978
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/block-serialization-default-parser.min.js?ver=8ee151736a1e51db2bafbb61ddd60634
192.185.216.180 200 OK 1.1 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/block-serialization-default-parser.min.js?ver=8ee151736a1e51db2bafbb61ddd60634
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with very long lines (2402)
Hash d57a1082f35a12ef5fbed249dff1d2d7
5ca84b72d38867186d9c8a6358e7eaa8081d52a0
2b6ef0efbe818dbebd4feddd665dd116cde23b0746bfb32da9739eb31c7e11d6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/block-serialization-default-parser.min.js?ver=8ee151736a1e51db2bafbb61ddd60634 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1137
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/deprecated.min.js?ver=96593d5d272d008fbcb6912fa0b86778
192.185.216.180 200 OK 513 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/deprecated.min.js?ver=96593d5d272d008fbcb6912fa0b86778
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (777)
Hash d258697e291ff7469c77a0dcea310309
b25e1a246ade33d3f431aa38234134bf87e200c7
9f9ba1386b6c6ff19d40aa20c2f9c9c35c355db8386d8edf8cef61a3582d77da
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/deprecated.min.js?ver=96593d5d272d008fbcb6912fa0b86778 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 513
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/autop.min.js?ver=21d1d6c005241b908b592f52ad684a28
192.185.216.180 200 OK 2.3 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/autop.min.js?ver=21d1d6c005241b908b592f52ad684a28
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, ASCII text, with very long lines (5703)
Hash 41025c06e0058c306134ce8d6dfd8748
8fa60de0c6275cc9b8f085e40f4e7cdd06d266c4
dc0589785b6534132ac48e472f6e086c38dbd2e69993f9227554cdf9d396029f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/autop.min.js?ver=21d1d6c005241b908b592f52ad684a28 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2347
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/element.min.js?ver=3dfdc75a0abf30f057df44e9a39abe5b
192.185.216.180 200 OK 4.7 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/element.min.js?ver=3dfdc75a0abf30f057df44e9a39abe5b
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10925)
Hash 49fb1b84f866014a6d6b500d4cfac0d8
6100ecf00b9e34b645ae1278823543c0dc8aa17b
6c1908fc15fc5d723d0dee02865dbe0720b44ce310ec6ea4598fde9b3b5b5c91
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/element.min.js?ver=3dfdc75a0abf30f057df44e9a39abe5b HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4690
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.5
192.185.216.180 200 OK 5.6 kB URL HTTP/2 dfalab.com.br/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.5
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16732), with no line terminators
Hash 50b20169ea6b23c004b39a457b5b276e
a1dd7eefd77751aa9dea175ffde9b28ea0375794
2cdf4490949164694f164e610cb4c69915f072f4356d111b52258dc1e9dce637
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.5 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:33:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5573
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/blob.min.js?ver=87cf2365cd719a6954f1e2bb8bcc692a
192.185.216.180 200 OK 484 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/blob.min.js?ver=87cf2365cd719a6954f1e2bb8bcc692a
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (917)
Hash b93f070549183dc4a70f859b57735f7e
7ab06ec91870d2a4b85c9cf08baff4305dad980c
f1fd737793b156fbcb5d54e00751ab80a5e465e5a0f2bf1a70a1f65a5b55524b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/blob.min.js?ver=87cf2365cd719a6954f1e2bb8bcc692a HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 484
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/api-fetch.min.js?ver=63050163caffa6aac54e9ebf21fe0472
192.185.216.180 200 OK 2.5 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/api-fetch.min.js?ver=63050163caffa6aac54e9ebf21fe0472
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5290)
Hash 37a7a3c25f04d7906b0579632ac1de33
33004e6bb51b396b0fc05cc0d6bec880b4686942
c8594f2ea040848c598f49e8e7c5aac8f758522de252e1137fd62ec29b319f00
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/api-fetch.min.js?ver=63050163caffa6aac54e9ebf21fe0472 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2518
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/url.min.js?ver=16385e4d69da65c7283790971de6b297
192.185.216.180 200 OK 2.1 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/url.min.js?ver=16385e4d69da65c7283790971de6b297
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (4852)
Hash 4404336fd6897de94e31ceb15dc5cc24
e1e69466fab27667e4671beeab440fd1fe9d3c70
26b6f1b02374ff3081f48c9c392a5cabc6cd8520a99eb3a362a945a240fed01b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/url.min.js?ver=16385e4d69da65c7283790971de6b297 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2134
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
192.185.216.180 200 OK 4.2 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a72df5f7a597c541e18a33abef3c11f5
9500913a0a3fca9979a0aed9cb745926d9f86f83
258da631753c1d8d88fb1316024b671fa4a9ac87c9d6c4f38a45bc2c3bf9f3fc
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4234
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/dom.min.js?ver=3c10edc1abf3fbbc79f17fd7d1d332eb
192.185.216.180 200 OK 5.3 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/dom.min.js?ver=3c10edc1abf3fbbc79f17fd7d1d332eb
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12653)
Hash 4299dadbf3128fb47bd956370c67b338
4659f3904b8e9c6bc2680fb62572296e5464cf14
eac22404fd824528340e3b8c5ba65d6f3c12a0b378b5d91ba0d029b9b56aa3e6
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/dom.min.js?ver=3c10edc1abf3fbbc79f17fd7d1d332eb HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5327
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/keycodes.min.js?ver=84a0e6bbcf0b9e1ea0184c3f2bf28022
192.185.216.180 200 OK 1.4 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/keycodes.min.js?ver=84a0e6bbcf0b9e1ea0184c3f2bf28022
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (3126)
Hash cbab1e71d40fcb594beea6f061bbbcd3
202e76633b9d6188158b46ae0e2627b0f9ed5bef
e648346de1b67d7a3fe24f8a597934687cfd96a2928b2710c98b59f957ac30ac
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/keycodes.min.js?ver=84a0e6bbcf0b9e1ea0184c3f2bf28022 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1377
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/escape-html.min.js?ver=00a5735837e9efe13da1d979f16a7105
192.185.216.180 200 OK 544 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/escape-html.min.js?ver=00a5735837e9efe13da1d979f16a7105
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1104)
Hash f3903c03392b2b1cab9779afe87aa161
e1e86bebb2bebe2fa4ed4cc5e1bc771de27d9758
4cd5a187386a39e4155d2a940b20c039b15862d88c5423ccab9cbeb559ee3cc9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/escape-html.min.js?ver=00a5735837e9efe13da1d979f16a7105 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 544
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/css/font-awesome/css/all.min.css?ver=6.0.3
192.185.216.180 200 OK 12 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/css/font-awesome/css/all.min.css?ver=6.0.3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56994), with CRLF line terminators
Hash 01edb5828a8d2efe3309d16e05f789bf
e9b4310063239a4fa48c44871566822485146aa6
bd1ab1bd3269271b77e7ec726d02b40b1a03a75024b5a41bc1018dc85d77f532
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/extensions/ht-menu/css/font-awesome/css/all.min.css?ver=6.0.3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12377
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.1.2
192.185.216.180 200 OK 11 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.1.2
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3d4c952b0993f776ed3f70d28ddc19b3
7e92af39c83a11cf3536cded848c6e97ce60cab3
73b3ff37db23419baf48e94fe57aa8e7fd0f689622aa023ea8c9f9a0dcc1b418
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/css/public.css?ver=2.1.2 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:46:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10944
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/html-entities.min.js?ver=c6385fb7cd9fdada1cf8892a545f8a26
192.185.216.180 200 OK 451 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/html-entities.min.js?ver=c6385fb7cd9fdada1cf8892a545f8a26
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (802)
Hash edddf94c2788e77e684ee0109254f6c4
556b31b4bf68426983b4cea660e5a7603633c8ee
054a66b4bc15b5b05140659269ab0962af405dd17f11f4aec6131f36d4375914
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/html-entities.min.js?ver=c6385fb7cd9fdada1cf8892a545f8a26 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 451
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
192.185.216.180 200 OK 4.9 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11082)
Hash b725a8dd8c43cfde32eb6e5a8022a56c
e20b1ff3f34a8c093fe1db28c8ff2b3c1f1e6475
8952ccc0253b7045512ea80e9319dd51f6e812ef6abf0eba5fc72553a689b454
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/react.min.js?ver=17.0.1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4893
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=1.9.0
192.185.216.180 200 OK 8.1 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=1.9.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18860)
Hash f05511310555b26778bf5b09b70f4f27
66232ff8d33e8cd4e13c09503eaf69d9773b1376
487e5d8df39e2f26d0ce062405af92589595462bc264101c98709538214dc00a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/popper.min.js?ver=1.9.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8053
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.185.216.180 200 OK 8.3 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8254
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/token-list.min.js?ver=4ebce6423dfff99d40033fd33ce52cc9
192.185.216.180 200 OK 673 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/token-list.min.js?ver=4ebce6423dfff99d40033fd33ce52cc9
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1491)
Hash 40bd28d5af483b904fd8c634e66f19f2
efbbf6ab55c5c9ccec969c139d40a19f72098387
9df5f97479b49cb17ca3ef901d4affea045ba43970b8e3d19d462cf712a75071
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/token-list.min.js?ver=4ebce6423dfff99d40033fd33ce52cc9 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 673
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/notices.min.js?ver=e44820c667bf205cacdfc48cbeb3c2e6
192.185.216.180 200 OK 979 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/notices.min.js?ver=e44820c667bf205cacdfc48cbeb3c2e6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2364)
Hash 3b308560a3e6c699af6b83833a3eedd3
bb99025b76b2d0d74f7d9f385e0e979176181301
f1a6f00e6c37e12e1c1222adb5cfe4a86f73decba0d8c8d2edadfab356d6d564
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/notices.min.js?ver=e44820c667bf205cacdfc48cbeb3c2e6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 979
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/keyboard-shortcuts.min.js?ver=37fdd241f3be3126e9248060e363e7c9
192.185.216.180 200 OK 2.0 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/keyboard-shortcuts.min.js?ver=37fdd241f3be3126e9248060e363e7c9
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4531)
Hash 9305188293467082525fe7948238744d
b575f7ca0373c84d37ecf4d6846d9e664b83fd53
42e644b9d40630954cf99f213b10e73e5f7b68788223bea75bd368e58f9abaad
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/keyboard-shortcuts.min.js?ver=37fdd241f3be3126e9248060e363e7c9 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1987
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
192.185.216.180 200 OK 2.7 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/primitives.min.js?ver=cadf5cfaabdb15c8c8fc440547afe919
192.185.216.180 200 OK 1.1 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/primitives.min.js?ver=cadf5cfaabdb15c8c8fc440547afe919
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2153)
Hash 4521684c27d00351771dcb50892a8eaf
b1b1872be32b575e28b1807a121ba66ea4916cec
c741908aa6aa79a07443184a59aac9435e793049113ec4219b466fcab51c1459
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/primitives.min.js?ver=cadf5cfaabdb15c8c8fc440547afe919 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1057
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/extensions-for-cf7/assets/js/conditional-field.js?ver=1666649437
192.185.216.180 200 OK 2.0 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/extensions-for-cf7/assets/js/conditional-field.js?ver=1666649437
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 0b50ede33e51048477e0193d1a916c07
ed525041281dacc8058ac697c9677c5b0c44674e
c680db51a93884e8086e06922feea8fdb0b77e45be7cafded9e55e9452cd4a8b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/extensions-for-cf7/assets/js/conditional-field.js?ver=1666649437 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1995
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/document-gallery/assets/js/gallery.min.js?ver=4.4.3
192.185.216.180 200 OK 1.5 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/document-gallery/assets/js/gallery.min.js?ver=4.4.3
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (524)
Hash f3acdc829449c0042d54b10e51c54570
2b6d5a1d382368ae2dbd46204cfb2a3a595423d5
85b76c43b17a5b678696a85f065e936d37381670ec894c8cdb6fdea35c5bb443
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/document-gallery/assets/js/gallery.min.js?ver=4.4.3 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 15 Dec 2021 13:59:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1497
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/compose.min.js?ver=e52c48958a19b766c6a9d28c02d53575
192.185.216.180 200 OK 14 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/compose.min.js?ver=e52c48958a19b766c6a9d28c02d53575
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (33731)
Hash fb664cb31a7d253134c84345c45ac1e5
d874a0aa38f997d05018bda5f2f5749a7381e957
adcf6deee07f518e0237b36cf5073a07263c5a903e920b6a598c0fa9ca5d0931
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/compose.min.js?ver=e52c48958a19b766c6a9d28c02d53575 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13675
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/redux-routine.min.js?ver=5156478c032ea85a2bbdceeb7a43b0c1
192.185.216.180 200 OK 3.2 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/redux-routine.min.js?ver=5156478c032ea85a2bbdceeb7a43b0c1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8872)
Hash a3083a28a8e51da98ee030198ac2fbfc
dd22a09c105c1650474526ea6f8ad573c8945402
5010d14ac96d87ac37fea85d1c85ee16cf22ddab282b9e799e77834b01aa0f28
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/redux-routine.min.js?ver=5156478c032ea85a2bbdceeb7a43b0c1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3222
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/extensions-for-cf7/assets/js/redirect.js?ver=1666649437
192.185.216.180 200 OK 873 B URL HTTP/2 dfalab.com.br/wp-content/plugins/extensions-for-cf7/assets/js/redirect.js?ver=1666649437
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3a157507bd3107501efbb1e9b0abb1c3
137b4651c272f19d3d0da3c8ca7c5877dbabdb5f
5e62565e75c106717af7291a3321cf768206f82a4f32d200607d1d4971ea6cac
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/extensions-for-cf7/assets/js/redirect.js?ver=1666649437 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 873
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/wordcount.min.js?ver=fb8056c75aa0a0569f7ea3ceae97fbc6
192.185.216.180 200 OK 1.1 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/wordcount.min.js?ver=fb8056c75aa0a0569f7ea3ceae97fbc6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type exported SGML document, Unicode text, UTF-8 text, with very long lines (2578)
Hash facc855e6de6ef62f735df5af4781fc6
308506af49eb073adc7ecbe242d27de2e7582a9b
a33dc497123915b081258d9aa97f8f4f6d6dcd9a54c258c08bf90e8f462d638e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/wordcount.min.js?ver=fb8056c75aa0a0569f7ea3ceae97fbc6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1093
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/priority-queue.min.js?ver=efad6460ae6b28406d39866cb10731e0
192.185.216.180 200 OK 609 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/priority-queue.min.js?ver=efad6460ae6b28406d39866cb10731e0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1026)
Hash bb9df0046d65a6b59478411efec7b08e
b949a72609054e195f368182118aad3b3ef6b72e
15a28e7c643a5edbcac2501bb7cc51bc80d1ee9dd77a26d7af12a10320de4679
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/priority-queue.min.js?ver=efad6460ae6b28406d39866cb10731e0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 609
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
192.185.216.180 200 OK 737 B URL HTTP/2 dfalab.com.br/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (543)
Hash 9da5e48500888328ff314cb371f52cd2
bdd02af36c414a0bf60bc4fc82e14c4ece354726
3858c8bd6f92c3b29fc437061c01fa4f9b1b8e2ca7e8e888ff5babbd4a81ae05
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 14 Dec 2021 11:55:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 737
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.1
192.185.216.180 200 OK 2.4 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4922)
Hash 25abbe00f5c778cf42cb9291b368de33
c2f1aa684197d054449c61fec7e0e9f78ce8b476
e441b0c2b8295a052cfabc682e1072de782fb18d79bfdf26879c5f0a68acc644
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.5.1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Dec 2021 17:33:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2355
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6
192.185.216.180 200 OK 2.3 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4921)
Hash 0f2df17cffcbc8959f28d65631475e50
70ae8fadf488f06b31147734fe9df4197e16ca71
bd0305380b3f6a687429ea9e20ce3aaca986e883634a80a1c85724ebc9e95b9d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2315
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=1.9.0
192.185.216.180 200 OK 3.2 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=1.9.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8864)
Hash 4f6beb6fab827bf736dfc1fe72782de9
2bde889e11a1dd7385453eec3608d356e5a2ad5d
c8b69fea55241bfb28eb41054fe6247166d77d4379a4a6c917d8a069cd1992c7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/ht-mega-for-elementor/assets/js/waypoints.js?ver=1.9.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3217
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
192.185.216.180 409 Conflict 83 B URL HTTP/2 dfalab.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.5
192.185.216.180 409 Conflict 83 B URL HTTP/2 dfalab.com.br/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.5
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.8.5 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6
192.185.216.180 200 OK 5.7 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14238)
Hash 1cf1ebf578496242b8df0679d7fcb63b
0006d36356fe5d7889aa60db5ab9eb04b9c8e984
0646b202f0fcc3f3257fe0cc59d987a7a910b644ab1b4e0e18aeea04fc337f06
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5676
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/warning.min.js?ver=b9190af8fc6a3a48c580473c6f337b88
192.185.216.180 200 OK 274 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/warning.min.js?ver=b9190af8fc6a3a48c580473c6f337b88
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (357)
Hash cf97983f6b01306359213f1fcbb0f0ec
8fbafdca316e7281c79bc8a31383290e9ebb1922
fd4e1790903e208061efe199f506d9078290105092422f18be03a4dfce1bfd8b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/warning.min.js?ver=b9190af8fc6a3a48c580473c6f337b88 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 274
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/shortcode.min.js?ver=d6964e945049b6190adc8770cda168c4
192.185.216.180 200 OK 1.6 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/shortcode.min.js?ver=d6964e945049b6190adc8770cda168c4
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3226)
Hash 737b8d500fbf94f3b148fe8e380c2ea6
e450ba3c94d025df526082b7c49cd5e6453b97de
f0c643f7930fe5009b336dda25482e3b4c059ecc9244ea6679400d7f9084ede4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/shortcode.min.js?ver=d6964e945049b6190adc8770cda168c4 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1578
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/
192.185.216.180 200 OK 55 kB IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41531), with CRLF, LF line terminators
Hash 513371a7da730e08dac7fb3e04e979ac
b11388b96674897ad4672d36af36e425d15c412a
ef97bce6b49e5d7997597664da09f141c1998a98295b352bfa45ff9192e5dea5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://dfalab.com.br/wp-json/>; rel="https://api.w.org/", <https://dfalab.com.br/wp-json/wp/v2/pages/1535>; rel="alternate"; type="application/json", <https://dfalab.com.br/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Oct 2022 22:10:36 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/data.min.js?ver=6c1ab5799c4b061254d313d2d8d9fb87
192.185.216.180 200 OK 10 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/data.min.js?ver=6c1ab5799c4b061254d313d2d8d9fb87
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27766)
Hash d52901acb837af8ea49448f304d8e50b
d5441bf8b7c488de06870d9ad3a0352a849c298c
b921b7983b70ae25a980d20c8b984d7184415e1543c83af691f38316189c74b3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/data.min.js?ver=6c1ab5799c4b061254d313d2d8d9fb87 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10302
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
142.250.74.10 200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 142.250.74.10:0
Hash 70fda70c87c141f086d649712a668e31
a2d80c412108a2d20fae07bcd5c8139d1af85761
fe157f55021ba499830e2cc9bcc70c737cdca5012bcd3abca3a90def05b3f638
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 24 Oct 2022 22:10:39 GMT
date: Mon, 24 Oct 2022 22:10:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/rich-text.min.js?ver=e7d57502b62ec4756783a0cd79238841
192.185.216.180 200 OK 14 kB URL HTTP/2 dfalab.com.br/wp-includes/js/dist/rich-text.min.js?ver=e7d57502b62ec4756783a0cd79238841
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (35439)
Hash a93eeddb49ab8fdbe00d1cc2c8966ae7
79d26fdbb6e3f8c9d266970b7518751b8a1ab33c
238f637a60231e6d9e98d4fbb048a928cc9479c0b60951b1bcd7d2330b46b6d0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/rich-text.min.js?ver=e7d57502b62ec4756783a0cd79238841 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 May 2022 10:39:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13976
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.1
192.185.216.180 200 OK 7.2 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20250)
Hash 2a6a093da2678e4ee117df7b61ef7172
85ae122e7c6761f10e67799331efd1c19b80f9c6
db848be714f24d9ec9d9b53a1056904ddfd2aa9078bf35b5d492663a8187093a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.5.1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Dec 2021 17:33:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7165
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6
192.185.216.180 200 OK 15 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (37702)
Hash d1a1631662d3909e8d27aacda61dc719
9082925aa4bbef724ed437934ea509d17bc2fc14
8b3c739a668b60ce9b687c9293e4961fb5aacf6abef2f2a180f36f71898316fb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14706
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
192.185.216.180 200 OK 3.7 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/widgets-scripts.js?ver=2.1.2
192.185.216.180 200 OK 4.0 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-menu/includes/elementor/assets/public/js/widgets-scripts.js?ver=2.1.2
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2070)
Hash d10bbdeb737dda9e55fa4f079edf35c6
4320367b601240b2707a8d30b559bf393fb05976
df0d8a7ba01729ac57c408cce347c271ad549c7a712563cd2f3087325568b224
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/jet-menu/includes/elementor/assets/public/js/widgets-scripts.js?ver=2.1.2 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:46:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3963
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
192.185.216.180 200 OK 8.2 kB URL HTTP/2 dfalab.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8169
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.1
192.185.216.180 200 OK 6.9 kB URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24241)
Hash c0a74262fe250f03ee19abe64c11c751
57433b693a30cd52a9b5bf7fd46d5c066f5bffb6
3708ce247f74ee38674626abfdb292d44e8ae4d2a138da55dc6e1048a8d2ccc6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.5.1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Dec 2021 17:33:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6909
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
192.185.216.180 409 Conflict 83 B URL HTTP/2 dfalab.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 22:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 22:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfalab.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 441392
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dfalab.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 16:04:44 GMT
expires: Sat, 21 Oct 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 281156
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 24 Oct 2022 22:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dfalab.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
192.185.216.180 409 Conflict 83 B URL HTTP/2 dfalab.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2022/06/logo-e1648481282695-pmjchpsnahvv94gdzqdi02m939g0zeplqjw78iggcq.png
192.185.216.180 200 OK 8.1 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/2022/06/logo-e1648481282695-pmjchpsnahvv94gdzqdi02m939g0zeplqjw78iggcq.png
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 180 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash c645d670131582452cfe9d890ba8d13e
4bbc1596cfa591e6b13a233120721d839c8d2f78
9083db9f78faaf3ee190da9f53d446ebb785b183ab26f04168367ae2033649f0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/logo-e1648481282695-pmjchpsnahvv94gdzqdi02m939g0zeplqjw78iggcq.png HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 20:04:29 GMT
accept-ranges: bytes
content-length: 8117
content-type: image/png
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2022/06/logo-1-300x70.png
192.185.216.180 200 OK 12 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/2022/06/logo-1-300x70.png
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2ead2270721d16676de1ccc2794c4f
5ffeb9c943f6ca03374f0e1d46b88df67b68e6c4
deb4bb72c782dc9c03bfeb3c6d47642e098284ac2b09b0b7bae3b7a0f9870b17
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/logo-1-300x70.png HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 20:04:27 GMT
accept-ranges: bytes
content-length: 11475
content-type: image/png
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2022/06/Logo-howden-obvx50ep5jl5w47mmeyscc4ysu3hfahpqkzrfhxu7m.png
192.185.216.180 200 OK 6.9 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/2022/06/Logo-howden-obvx50ep5jl5w47mmeyscc4ysu3hfahpqkzrfhxu7m.png
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c02977ba3bedaf168e65a9e24383b4c
ddd3da2c4c1c006ceea4212f7e918f9fea59fee0
6d117f35c5116a40ee667973358df1c4d9e3e544ad186b44012fcc9e4fdc1e2a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Logo-howden-obvx50ep5jl5w47mmeyscc4ysu3hfahpqkzrfhxu7m.png HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 20:04:30 GMT
accept-ranges: bytes
content-length: 6932
content-type: image/png
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2022/06/via-startap-300x129.jpg
192.185.216.180 200 OK 571 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/2022/06/via-startap-300x129.jpg
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 300x129, components 4\012- data
Size 571 kB (571205 bytes)
Hash 674e1e19e675efb7462d1c9bb8c9ed88
01f8952c6da128888c3cd53507dc0e0d60ac200d
cd2303b1d1c56d6e6b099fe26316017b8ab21e041ed07c63a8a5c9c6152897e4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/via-startap-300x129.jpg HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 20:29:45 GMT
accept-ranges: bytes
content-length: 571205
content-type: image/jpeg
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2022/06/greenbank-1-300x129.jpg
192.185.216.180 200 OK 577 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/2022/06/greenbank-1-300x129.jpg
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 300x129, components 4\012- data
Size 577 kB (577446 bytes)
Hash 0d024a003014175e1834d8938bf6d7e9
b14d5df3fbac3a831bfd39170aef44464f6bc2f5
3870575daa71d9bcfa548de12b0747c33c58accadb4d49e8809e43bad61e8083
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/greenbank-1-300x129.jpg HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 20:27:26 GMT
accept-ranges: bytes
content-length: 577446
content-type: image/jpeg
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2022/06/fluitek-1-300x129.jpg
192.185.216.180 200 OK 576 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/2022/06/fluitek-1-300x129.jpg
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 300x129, components 4\012- data
Size 576 kB (575927 bytes)
Hash 2fe457bedcc7960634f92ab25db5031f
44b9195259ab97d3863b50c1a61a25d83cc13417
366255acf2bc49c84450daaba72585a568031f11ba32953b12b221299592069a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/fluitek-1-300x129.jpg HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 20:26:18 GMT
accept-ranges: bytes
content-length: 575927
content-type: image/jpeg
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/uploads/2022/06/Logo-scapex-1-300x129.jpg
192.185.216.180 200 OK 583 kB URL HTTP/2 dfalab.com.br/wp-content/uploads/2022/06/Logo-scapex-1-300x129.jpg
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 300x129, components 4\012- data
Size 583 kB (583329 bytes)
Hash 4c83a3aaa78df3ea3cd57c8b34d793af
89c8ae6ea9e67da7158bbd08ca0aa2828c103ef5
386b7f0b2bfe74728f92e828034b759295e79a3054b6dbd59e74de17e9150029
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/06/Logo-scapex-1-300x129.jpg HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 20:28:40 GMT
accept-ranges: bytes
content-length: 583329
content-type: image/jpeg
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/favicon.ico
192.185.216.180 200 OK 101 B URL HTTP/2 dfalab.com.br/favicon.ico
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 460a0af1a05e4fc71f1021d3a727d529
c35bdc6fd17459b45fce74e47418e3f75aeff2d3
817cd6c6d51743e7d0a7628fd5d278defcd9a733d05400420247b1db34d4e12c
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
set-cookie: ht_rr=1; expires=Tue, 25-Oct-2022 22:10:40 GMT; Max-Age=86400; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 101
content-type: text/html; charset=UTF-8
date: Mon, 24 Oct 2022 22:10:39 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/blocks.min.js?ver=658a51e7220626e26a92a46af5c2e489
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/blocks.min.js?ver=658a51e7220626e26a92a46af5c2e489
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/blocks.min.js?ver=658a51e7220626e26a92a46af5c2e489 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Jun 2022 15:32:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.1
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.5.1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Dec 2021 17:33:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/jet-menu/assets/public/lib/vue/vue.min.js?ver=2.6.11 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Mar 2022 13:46:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/components.min.js?ver=76c5a4c54d97b02824ed3d3b164c2811
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/components.min.js?ver=76c5a4c54d97b02824ed3d3b164c2811
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/components.min.js?ver=76c5a4c54d97b02824ed3d3b164c2811 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 15:54:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/date.min.js?ver=e923a564a0407e0c2ffcbd348817ca86
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/date.min.js?ver=e923a564a0407e0c2ffcbd348817ca86
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/date.min.js?ver=e923a564a0407e0c2ffcbd348817ca86 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 15:54:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 13:57:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/block-editor.min.js?ver=1aaefec40aaf345b5e6e969304e78e07
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/block-editor.min.js?ver=1aaefec40aaf345b5e6e969304e78e07
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/block-editor.min.js?ver=1aaefec40aaf345b5e6e969304e78e07 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 15:54:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2
dfalab.com.br/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
192.185.216.180 200 OK 0 B URL HTTP/2 dfalab.com.br/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
IP 192.185.216.180:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19 HTTP/1.1
Host: dfalab.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dfalab.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 24 Oct 2022 22:10:38 GMT
server: Apache
X-Firefox-Spdy: h2