r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5711
Expires: Mon, 20 Mar 2023 17:28:42 GMT
Date: Mon, 20 Mar 2023 15:53:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12169
Expires: Mon, 20 Mar 2023 19:16:20 GMT
Date: Mon, 20 Mar 2023 15:53:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 15:27:17 GMT
content-type: application/json
age: 1574
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5285a032a285729d3e4a546310ed052d
d370c14bbc2d168cc3703bcb6b94ea0ece26e69d
a811aac1eb89de0666a7de8d3eda1dc3affa7ce5353219211a1beee1211536b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A811AAC1EB89DE0666A7DE8D3EDA1DC3AFFA7CE5353219211A1BEEE1211536B5"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Mon, 20 Mar 2023 17:50:45 GMT
Date: Mon, 20 Mar 2023 15:53:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ISPPVeuxUPNhVBDwewN8QZEx/SlgXojYFXjAKGiDgX4FRP/USwrNkPDvn/+bY6oYjDh7qvDVUXI=
x-amz-request-id: CPQVKC5AA5T6SW63
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 14:58:44 GMT
age: 3287
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 15:53:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 15:17:21 GMT
age: 2170
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
144.217.146.170301 Moved Permanently 0 B URL HTTP/1.1 institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
IP 144.217.146.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email= HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Mar 2023 15:53:31 GMT
Server: Pyxsoft Pxshield
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Keep-Alive: timeout=5, max=100
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
X-Origin-Time-Delay: 571.548404ms
X-Server-Mode: proxied
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5818
Expires: Mon, 20 Mar 2023 17:30:30 GMT
Date: Mon, 20 Mar 2023 15:53:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31d75f3517161d0521215331252834da
db746499ee0b54f9bf46db3dbb9ef535c98a0d7a
0243d0271854315578ec6f322be3f44c79311ca8c778baf6f35f50a4c1dc904a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0243D0271854315578EC6F322BE3F44C79311CA8C778BAF6F35F50A4C1DC904A"
Last-Modified: Mon, 20 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Mon, 20 Mar 2023 21:53:17 GMT
Date: Mon, 20 Mar 2023 15:53:32 GMT
Connection: keep-alive
push.services.mozilla.com/
34.215.11.44101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.11.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DWnUyDJswchjROWaKbA4Lw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2hNl6E1GF9ljCDetM9pACr5ayao=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5864
Expires: Mon, 20 Mar 2023 17:31:17 GMT
Date: Mon, 20 Mar 2023 15:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5864
Expires: Mon, 20 Mar 2023 17:31:17 GMT
Date: Mon, 20 Mar 2023 15:53:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5864
Expires: Mon, 20 Mar 2023 17:31:17 GMT
Date: Mon, 20 Mar 2023 15:53:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07289211ce045b31693c7bb59c06f338
210abec1182bb94b9d0e48827ecb8023611c4489
808b7bfa4b75cfb91e003d6375802da7d2719de29d4f64776dea57992b7632c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5311
x-amzn-requestid: 3e000f36-3e2a-4008-950b-2e9f83306e51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_w3eFmtIAMF7EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e95-1b9e4cc8033920ea365de22f;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: BMPxweRO692tG89Nk-DTd66mRNA9UwvlKmflVkF6qbtjNRQjQubNiA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:03:37 GMT
age: 64196
etag: "210abec1182bb94b9d0e48827ecb8023611c4489"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xfkObFQbeYQQjIJ4FWQ7xKbH5FPxBQ1vkTDCwWCM6IcAAu8H31BNhQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:04:48 GMT
age: 31725
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:14:44 GMT
age: 63529
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 388_JExXl_vwNTUh_69QfjoGz-cNeQwwrp6kpAP1Hhv3VvtgeeXbrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:55:31 GMT
age: 64682
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5aa79770d71507827e79149031b5cf
338ee74f53fac2b19a90981bc4b02a3c3722a1fa
81df6f2312df6e488ae91c172ecf872d694497ffe80500f71eb97e6c06ff5f5f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: dfaf4924-b8c3-4b6b-a079-7c3903fdf4fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVjGJyIAMFS9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f56-6379351b215dc2d9638de9ea;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XYA6F9VzUqxozJS4OsX-TKy81mOHUB7N6L7rkCaQJmXe5n-a_Zce-Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:51 GMT
age: 63462
etag: "338ee74f53fac2b19a90981bc4b02a3c3722a1fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1533684819dcbf9e77684c19eb86465
489f8f036efd23ce36085af127af7d6c794fe00b
9154a471013bd0972fad93ea4eeaf4b23f66dd1534e0d9cc302263aca0f94bd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12424
x-amzn-requestid: 64a89fbe-4ac0-4059-a481-37c30ae36928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eOuEG2oAMF1Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd91-0492160f3e8196a23fc53eda;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tx--67yg-v6sA1zslsl2iUXzLbdnWhU-cMqTDpxldZg-qog8-urKcA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 08:59:45 GMT
age: 24828
etag: "489f8f036efd23ce36085af127af7d6c794fe00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
144.217.146.170404 Not Found 152 kB URL HTTP/1.1 institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
IP 144.217.146.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25390)
Size 152 kB (151622 bytes)
Hash 179c7bc4c40956581d0a4e440fef7053
5f5a29827f44ff78c885f6573518ae853683abbc
0496c6558a925860166b7bc875dc1481f9edd8659bed0eea1b30a385e26802e6
GET /sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email= HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Mon, 20 Mar 2023 15:53:32 GMT
Server: Pyxsoft Pxshield
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://institutoandrecamurca.com.br/wp-json/>; rel="https://api.w.org/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Keep-Alive: timeout=5, max=100
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
X-Origin-Time-Delay: 1.38864392s
X-Server-Mode: proxied
institutoandrecamurca.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
144.217.146.170200 OK 2.7 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 144.217.146.170:0
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 2731
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:33 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:09 GMT
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
institutoandrecamurca.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
144.217.146.170200 OK 19 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 144.217.146.170:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 18617
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:33 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:54 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/style.css?ver=6.0.3
144.217.146.170200 OK 785 B URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/style.css?ver=6.0.3
IP 144.217.146.170:0
Hash c083d9efce0341d24212aeb8df99b394
4c7c2e638004114c7c399824c5a5de95f931cec4
d0835a3f8abe0e3152af7899e2aa9662c3840c505a518eaa47498c821d28de16
GET /wp-content/themes/phami/style.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 785
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/jquery.fancybox.css
144.217.146.170200 OK 3.6 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/jquery.fancybox.css
IP 144.217.146.170:0
Hash 66672d88d622309ed6c16ef5a5627292
9772db0c92d1d63f81c1520bc4b1f38aaaa970ac
b4c0d39612821ed08aa65bb0038958c413eb1989ebc147df3bfeb75fe060801f
GET /wp-content/themes/phami/css/jquery.fancybox.css HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/css
Content-Length: 3554
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/jquery.circlestime.css
144.217.146.170200 OK 471 B URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/jquery.circlestime.css
IP 144.217.146.170:0
File type ASCII text, with CRLF line terminators
Hash 72acc8876c5261cde42de2e20e42eda6
4afe3d042d5b3efc2ac79cf38ad8264b348a6e7c
6a7051a5c42ce16aa73bc239ccc039607905c1111b1edd9dca5d4dde48941d22
GET /wp-content/themes/phami/css/jquery.circlestime.css HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/css
Content-Length: 471
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/slick/slick.css
144.217.146.170200 OK 3.3 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/slick/slick.css
IP 144.217.146.170:0
Hash e5bddc8219a627810978dd5a2fd7fe2b
bb13a54db720d150addabcb624fe68d51bf7345e
f0fb7797d62c15578d3f43600cd839d39767e5531d3d726a607f10fddfd304fc
GET /wp-content/themes/phami/css/slick/slick.css HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/css
Content-Length: 3330
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
144.217.146.170200 OK 89 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 144.217.146.170:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 88932
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:33 GMT
Last-Modified: Tue, 12 Jul 2022 17:15:09 GMT
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
institutoandrecamurca.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.6
144.217.146.170200 OK 59 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.6
IP 144.217.146.170:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash bf89fa442ff51caedcc10e83252ab9d0
2d15d3f506ca18a726d41413dc6211287b54ad2e
b96d4f97d6110c82c0751efa039bb0ef4f2348b105062ba62ca09260361449de
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.6 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 59141
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 21:15:04 GMT
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
institutoandrecamurca.com.br/wp-content/themes/phami/css/materia.css?ver=6.0.3
144.217.146.170200 OK 48 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/materia.css?ver=6.0.3
IP 144.217.146.170:0
File type ASCII text, with CRLF line terminators
Hash d5e3e2452e727e95b0c2679edf104391
ae3e8e402934bde3812accac22bc5e02957688db
89b4623bc901c8aa9a38de2068e974348889aa4d65048f63f8be3d5c43af8f0d
GET /wp-content/themes/phami/css/materia.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 47784
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/elegant.css?ver=6.0.3
144.217.146.170200 OK 24 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/elegant.css?ver=6.0.3
IP 144.217.146.170:0
File type ASCII text, with very long lines (6250)
Hash c6c1321229d1ffcb3d3f3ce3898e62f1
aa5e37b85f18015352c830849d1d1f801ce3db3c
b7ad40bd442df4b4f8b55e443c173798d450477a82efe42087a11f101ec0614d
GET /wp-content/themes/phami/css/elegant.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 23785
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
144.217.146.170200 OK 31 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 144.217.146.170:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 30999
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/ionicons.css?ver=6.0.3
144.217.146.170200 OK 55 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/ionicons.css?ver=6.0.3
IP 144.217.146.170:0
File type Unicode text, UTF-8 text, with very long lines (19493)
Hash b54d7ec3abad43ce0944786282d2f0f5
9baf2a59df6693cd705c499882bdb79e452d0202
9a47213e108efb1ab70bec037e5d1f6bf633bea92d421fd3c5ee78e1dbac23a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/css/ionicons.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 54952
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/jquery.mmenu.all.css?ver=6.0.3
144.217.146.170200 OK 57 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/jquery.mmenu.all.css?ver=6.0.3
IP 144.217.146.170:0
File type ASCII text, with very long lines (10038)
Hash ca21a83005be15d1c99b117a697d7bd5
b6500212926dbd54d6eb121490d3c395ee665e62
882396292aa98cb842b7dd54503f4652cb114cd7ccb8422e6024d6413f10e9bf
GET /wp-content/themes/phami/css/jquery.mmenu.all.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 56718
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/icomoon.css?ver=6.0.3
144.217.146.170200 OK 1.6 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/icomoon.css?ver=6.0.3
IP 144.217.146.170:0
Hash 514998320ce47c948c920703ff593474
39d751c43dbd72a4acc931c40205b1154e258ae5
278840c81ee32359ca355b7a452bdfb4f868392e9a3c07d8bbefbbcc79302fc1
GET /wp-content/themes/phami/css/icomoon.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 1629
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/pe-icon-7-stroke.css?ver=6.0.3
144.217.146.170200 OK 9.2 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/pe-icon-7-stroke.css?ver=6.0.3
IP 144.217.146.170:0
Hash b00cc8055c7c4b0abeb7aa4e82516074
8a1e40113793d97b488ab1baa65b0bdb280d3517
5e6cdec9448b80bb3c8d7e6dcb4f19365e73f45d82af8b67637d2e0c2fae0b81
GET /wp-content/themes/phami/css/pe-icon-7-stroke.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 9249
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/bootstrap.css?ver=6.0.3
144.217.146.170200 OK 213 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/bootstrap.css?ver=6.0.3
IP 144.217.146.170:0
Size 213 kB (212619 bytes)
Hash c1ea7ae37dcbcd3c67239caaf1cf2631
b4d40421132114f7fd21f85241e55831bf9057e3
f2d35f238104bcdc475feffad52fe7aa6dc59c909977111f647e2544ea2a878f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/css/bootstrap.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 212619
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/flaticon.css?ver=6.0.3
144.217.146.170200 OK 789 B URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/flaticon.css?ver=6.0.3
IP 144.217.146.170:0
Hash b4fa0fd056d632fb388164f4931e0bd8
71701f07a903ece2b497735832b81930300d6e42
9b258348c881c382d1724641a76e9169432b68870b1bf7c1ee50e764caf5042c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/css/flaticon.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 789
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
144.217.146.170200 OK 11 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 144.217.146.170:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 11224
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Wed, 28 Apr 2021 18:07:53 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
144.217.146.170200 OK 19 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 144.217.146.170:0
File type ASCII text, with very long lines (19082)
Hash 50be31853049e4b4a10c277d5f95eb75
ac2dffc0c65ad6b209fedf2169d0c50eb4119a3e
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 19128
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
institutoandrecamurca.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
144.217.146.170200 OK 90 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 144.217.146.170:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 89521
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Thu, 10 Feb 2022 12:47:01 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
144.217.146.170200 OK 108 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6
IP 144.217.146.170:0
File type ASCII text, with very long lines (65497)
Size 108 kB (107922 bytes)
Hash c98a28f4246018729c3e8c25f5213d31
e16228b80c74e78f3d639467a690c2f6737de2d5
30a68682d7a4d5dfd9a580f8decbf37d4de1d107c0a7fc45af606c61f3ff0f96
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.6 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 107922
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
institutoandrecamurca.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.0.2
144.217.146.170200 OK 119 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.0.2
IP 144.217.146.170:0
File type ASCII text, with very long lines (41022), with CRLF line terminators
Size 119 kB (119386 bytes)
Hash 1eca6ed028850aa07d5f4a003fd7079e
1f02b8c5485108373bdd14a96bb1fe22d72e157b
9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.0.2 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 119386
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 21:15:04 GMT
institutoandrecamurca.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.6
144.217.146.170200 OK 308 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.6
IP 144.217.146.170:0
File type ASCII text, with very long lines (57207)
Size 308 kB (308269 bytes)
Hash cafaa8a57cdedfdac964553a7a1d1131
68d8655fbb892cba8fd41b8630dd89aa7d94e935
bfd6080a1b8812c0ca1bea8a80a20713cf604596b57bf8d9e3c16c548f6a2e74
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.6 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 308269
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 21:15:04 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.3.5
144.217.146.170200 OK 51 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.3.5
IP 144.217.146.170:0
File type ASCII text, with very long lines (50949)
Hash 9e640fe3a76c0819df513d480cf08f30
8e59bb0dd027344eda000cb76993a1472ed97768
1a7f1a12e18fb59bb3f6dd27329fcbb1e82a44e480f6da14b92a64b6f557cf56
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.3.5 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 50992
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Fri, 11 Feb 2022 13:20:47 GMT
institutoandrecamurca.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
144.217.146.170200 OK 6.5 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 144.217.146.170:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 6475
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:54 GMT
institutoandrecamurca.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
144.217.146.170200 OK 19 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 144.217.146.170:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 19142
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:54 GMT
institutoandrecamurca.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
144.217.146.170200 OK 9.7 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 144.217.146.170:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 9720
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:09 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/css/template.css?ver=6.0.3
144.217.146.170200 OK 1.1 MB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/css/template.css?ver=6.0.3
IP 144.217.146.170:0
Size 1.1 MB (1068723 bytes)
Hash 3f226a2bcd07049f7244f191e310fd3d
a29ebeaba2291d364e82466626faf976f5c501b6
12a6b8208181f097f7922068f7e3d59e465d9a27de22585c40fe68faeb8760a5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/css/template.css?ver=6.0.3 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/css
Content-Length: 1068723
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Fri, 26 Jun 2020 13:25:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.mmenu.all.min.js
144.217.146.170200 OK 62 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.mmenu.all.min.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (12346)
Hash 85aba79e771e02edb501c72e90fe88c5
2748c8c2796bc54c64f819355cdbe572ede22d5a
1ecfaba69aebce73a7c7bd4d7610eb58e1c237fd51fa95dcb31d0dbf7f43ee61
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/jquery.mmenu.all.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 61622
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/slick.min.js
144.217.146.170200 OK 43 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/slick.min.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (42862)
Hash d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/slick.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 42863
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/instafeed.min.js
144.217.146.170200 OK 6.2 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/instafeed.min.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (6175)
Hash 0b6a7de95b8d11b23c8e58b12574f696
f34bcc3eb5f48c535020a3d0e39a0fd4ced7349d
3ac2d4ffaa1661cde9b87f96695f6bd3090791eb8d4bcec44356b4961af6fd26
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/instafeed.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 6210
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.countdown.min.js
144.217.146.170200 OK 6.9 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.countdown.min.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (3703), with CRLF line terminators
Hash 6d5d5c213607cfd57d33481c470f0d00
2805c59b0fa184f59898b9ec4791771a91da69ec
41cc61318e58a38c8e140df79d062495a056631498fa6ed3b3faa2f459458db9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/jquery.countdown.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 6933
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.fancybox.min.js
144.217.146.170200 OK 23 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.fancybox.min.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (645)
Hash 3301e15ed25b9f3cb53df7057f8d34be
4f1b0e178dd8c9f4b74034bc02720cf46f9ebf86
67ba2dbf253fad3a0c9e889573c5c28680029059c2b21f835f003503a5672dd0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/jquery.fancybox.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 23135
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/portfolio.js
144.217.146.170200 OK 1.7 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/portfolio.js
IP 144.217.146.170:0
File type ASCII text, with CRLF line terminators
Hash 0d2e83fdf81efaf19e7821128cafe547
1be2a5f89e327fd6b4958b7a17b19a705eae13bb
d9f42c70f4d93202740a1574ef744577d1a3316259079ebef7cd5235c069e9ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/portfolio.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1662
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.elevatezoom.js
144.217.146.170200 OK 58 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.elevatezoom.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (390)
Hash 4f1a867f286a7e7b63faf8bd38d803b3
6a9bc5519e257941ea3776e98e33dd4eb185795d
d74e6540a9576582321dce16687286415c6f03fadbc9a521f932e21f5df28abb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/jquery.elevatezoom.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58175
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.swipebox.min.js
144.217.146.170200 OK 13 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.swipebox.min.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (12859)
Hash 045b07c05600ecce9d709ad9f17889a2
7468def91f6375ff4ffca1160f6089f45d9c4d59
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/jquery.swipebox.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 12959
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.circlestime.js
144.217.146.170200 OK 35 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/jquery.circlestime.js
IP 144.217.146.170:0
File type ASCII text, with CRLF line terminators
Hash 42d5a0139e07d2b3d9dad2c3e4786715
3fad52929e96707ee6a7e10bdeecd8b7acbbd69b
bdcf995b0c0d80d2a35a8970af5507cd6b06ea13c5f13cf4506baaabbe0813d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/jquery.circlestime.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 34739
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/isotopes.js
144.217.146.170200 OK 77 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/isotopes.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (32269)
Hash b2e5eb4e0fc32648f64911ec367ba4b6
6c856757b5075e090ad1f7c36272d53e08677133
e0fac4341d053388a91aa6fff74a0d9ef050e96a3600b4aa805802012db335e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/isotopes.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 76639
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/js/functions.js
144.217.146.170200 OK 29 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/functions.js
IP 144.217.146.170:0
Hash e98cbf510bc1d93544b06fb7c538d911
735c794fdcc438a371769e8c88b61d306fa74fc8
39856486e93f2dca809e709dab339412be47c5444305f7447ec089092691d324
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/functions.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 28788
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.5
144.217.146.170200 OK 5.5 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.5
IP 144.217.146.170:0
File type ASCII text, with very long lines (5419)
Hash 18ca0b7d2f9e3f42322a85c9f0f3e37c
3d7dc19fe83c9e7e298678c6249235d4388b44f6
88a7c8f556f3d8e4b81d43aa5e4361990f95d3039aa1f9c7ee456c93d6b77e4a
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.3.5 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 5462
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Fri, 11 Feb 2022 13:20:41 GMT
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6
144.217.146.170200 OK 5.0 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6
IP 144.217.146.170:0
File type ASCII text, with very long lines (4921)
Hash 0d1edb077c0f89865ab23590789d3745
2f63bb3df11ff2247646f5c9a65f24423b8fd037
865e03c14520affa816b36c9221a81c9c4d64f6b055320b9704a2d671e025d0b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.6 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 4960
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6
144.217.146.170200 OK 14 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6
IP 144.217.146.170:0
File type ASCII text, with very long lines (14238)
Hash 824bc9b8c1132e76f5706e03af3788a7
d3c6686dd097bc5a29f6ffa507bf52c12540b00d
9f868167dadde7a0b3914cac9bfb32e93e7ca924bf31669822db66e27f0356c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.6 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 14277
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://institutoandrecamurca.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Mar 2023 18:52:41 GMT
expires: Tue, 12 Mar 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 594054
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://institutoandrecamurca.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 6075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.5
144.217.146.170200 OK 59 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.5
IP 144.217.146.170:0
File type Unicode text, UTF-8 text, with very long lines (58848)
Hash c7005637f7667ecf07fd86d8694c489a
360d9766094e348a970c59737f13e4e1c3c1c544
32b4f1c195128562abec640a0e56046ad8f8a410b825186f013904bb34005b13
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.3.5 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58893
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Fri, 11 Feb 2022 13:20:40 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
144.217.146.170200 OK 12 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 144.217.146.170:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 12198
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://institutoandrecamurca.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Mar 2023 02:42:38 GMT
expires: Wed, 13 Mar 2024 02:42:38 GMT
cache-control: public, max-age=31536000
age: 565857
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
institutoandrecamurca.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
144.217.146.170200 OK 21 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 144.217.146.170:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 20715
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:54 GMT
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 15:53:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6
144.217.146.170200 OK 38 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6
IP 144.217.146.170:0
File type ASCII text, with very long lines (37702)
Hash 5286ba875834d52a81e6eba53f28177f
13fefdff252b9cff6dac4174a457469f93165301
a1d57439b7cbb156c806a42b54429bac881c3f9f34c717e5085862b0fa56c972
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.6 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 37741
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/fonts/icomoon.ttf?fzv6fp
144.217.146.170200 OK 13 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/fonts/icomoon.ttf?fzv6fp
IP 144.217.146.170:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 08fc959f42d21d1da5d22155652084a4
520c8f186c5aaae01fd07963797607d96b47d2f0
6ce5c4490afa50bcc4ab1e97f39431400106319bc55c04cb5dc24b5d252638e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/fonts/icomoon.ttf?fzv6fp HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/wp-content/themes/phami/css/icomoon.css?ver=6.0.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:14400
Connection: keep-alive
Content-Type: font/ttf
Content-Length: 12984
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.3.5
144.217.146.170200 OK 52 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.3.5
IP 144.217.146.170:0
File type ASCII text, with very long lines (52456)
Hash 9dde5e3899bfab9c12dc093fa71c601b
8cc5c88caa80ede266a1ac20aec7d0034994c4df
e3f94403091ea6daaced3c977d652064ecd840f7457ed51298fc4cd23fc58204
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.3.5 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,immutable,max-age=31536000
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 52499
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Fri, 11 Feb 2022 13:20:40 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
144.217.146.170200 OK 77 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 144.217.146.170:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 15:53:35 GMT
Server: Pyxsoft Pxshield
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=100
Connection: keep-alive
Content-Type: font/woff2
X-Origin-Time-Delay: 124.13961ms
X-Server-Mode: proxied
institutoandrecamurca.com.br/wp-content/themes/phami/fonts/ElegantIcons.woff
144.217.146.170200 OK 64 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/fonts/ElegantIcons.woff
IP 144.217.146.170:0
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/fonts/ElegantIcons.woff HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/wp-content/themes/phami/css/elegant.css?ver=6.0.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 15:53:35 GMT
Server: Pyxsoft Pxshield
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
Accept-Ranges: bytes
Content-Length: 63664
Keep-Alive: timeout=5, max=100
Connection: keep-alive
Content-Type: font/woff
X-Origin-Time-Delay: 121.509377ms
X-Server-Mode: proxied
institutoandrecamurca.com.br/wp-content/uploads/2020/01/IAC-LOGO-branca-1024x229.png
144.217.146.170200 OK 82 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/uploads/2020/01/IAC-LOGO-branca-1024x229.png
IP 144.217.146.170:0
File type PNG image data, 1024 x 229, 8-bit/color RGBA, non-interlaced\012- data
Hash f8d52141e29793eb3be0396d8ae50d56
ea659dd0250622941b34cb7f56a4db851ab21abd
e6621557b6df0ed18148b0184eb2865b7427e1906e67069140efe7613084d063
GET /wp-content/uploads/2020/01/IAC-LOGO-branca-1024x229.png HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: image/png
Content-Length: 81686
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Sat, 20 Jun 2020 22:48:46 GMT
institutoandrecamurca.com.br/wp-content/uploads/2020/01/payment-1.png
144.217.146.170200 OK 4.4 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/uploads/2020/01/payment-1.png
IP 144.217.146.170:0
File type PNG image data, 292 x 39, 8-bit colormap, non-interlaced\012- data
Hash 9379d3f9dba34cb9f6569a6c6d9bb3af
7990564961c6627a1ca7d7ad81c46f1551dd875f
22862e5289132fba2bd792d37d76236480b2101f9501fa9819477f04b69e1f31
GET /wp-content/uploads/2020/01/payment-1.png HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: image/png
Content-Length: 4417
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Sat, 20 Jun 2020 20:06:12 GMT
institutoandrecamurca.com.br/wp-content/themes/phami/images/image_404.png
144.217.146.170200 OK 52 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/images/image_404.png
IP 144.217.146.170:0
File type PNG image data, 987 x 702, 8-bit/color RGBA, non-interlaced\012- data
Hash 29949c437ea1dceef7104be9dfc8b13b
aaa6993033e37cf0c76a757b5a78a181b156dfcc
fe3bbb7b4a6774d03ef29c4dcf67bb13fe4e704b712821abdfdc1f116e2bc29a
GET /wp-content/themes/phami/images/image_404.png HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: image/png
Content-Length: 52245
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT
institutoandrecamurca.com.br/wp-content/uploads/2020/06/logo-iac-site.png
144.217.146.170200 OK 49 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/uploads/2020/06/logo-iac-site.png
IP 144.217.146.170:0
File type PNG image data, 824 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 853f9d2912aa687d428ca3ac7741d89f
1c2c569bc09bb51065cc7fb709c44e7f25835b2a
dd27d8cb9d152479db13b287572514db41898f31990875c62e1f82d25dbbf8a2
GET /wp-content/uploads/2020/06/logo-iac-site.png HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: image/png
Content-Length: 48753
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Sat, 20 Jun 2020 20:18:54 GMT
institutoandrecamurca.com.br/wp-content/uploads/2020/06/cropped-logo-iac-site-192x192.png
144.217.146.170200 OK 32 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/uploads/2020/06/cropped-logo-iac-site-192x192.png
IP 144.217.146.170:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash d4a74aa0f237c5f3ecbccdcb26ed0752
7910898b7d15ddf14a4e56d671954b39255b92a9
2e87632c3707247853a480d00d639959a7902a8c7e3f5340c45c37f55a0c2000
GET /wp-content/uploads/2020/06/cropped-logo-iac-site-192x192.png HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: image/png
Content-Length: 32097
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Wed, 18 Nov 2020 21:11:14 GMT
institutoandrecamurca.com.br/wp-content/uploads/2020/06/cropped-logo-iac-site-32x32.png
144.217.146.170200 OK 2.3 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/uploads/2020/06/cropped-logo-iac-site-32x32.png
IP 144.217.146.170:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 75fe431412c5a52b1767d2c4b02cecd2
c5bc46395b4abc3a6fa5b199c519aa8062845169
616373830d7b3b17fa4dcdac05fd26f543ebdd25c2fcfc12368633989057e515
GET /wp-content/uploads/2020/06/cropped-logo-iac-site-32x32.png HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: image/png
Content-Length: 2283
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Wed, 18 Nov 2020 21:11:14 GMT
institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
144.217.146.170200 OK 1.4 kB URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
IP 144.217.146.170:0
File type ASCII text, with very long lines (1316)
Hash de15748270975fbdd4b66f358a9ce271
e18db28f0b032da3802b77ebea51b7d8c7b72b55
0ca81e784363b653695d694ec3276de2ad4d2fe79ab3d27da6b31d965001f16d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1355
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:35 GMT
Last-Modified: Tue, 14 Jun 2022 12:50:11 GMT
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 216.58.207.202:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Mar 2023 15:53:34 GMT
date: Mon, 20 Mar 2023 15:53:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COpen%2BSans&subset=latin%2Clatin-ext
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COpen%2BSans&subset=latin%2Clatin-ext
IP 216.58.207.202:0
GET /css?family=Poppins%3A300%2C400%2C500%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COpen%2BSans&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Mar 2023 15:53:34 GMT
date: Mon, 20 Mar 2023 15:53:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
institutoandrecamurca.com.br/wp-content/themes/phami/js/bootstrap.min.js
144.217.146.170200 OK 0 B URL HTTP/1.1 institutoandrecamurca.com.br/wp-content/themes/phami/js/bootstrap.min.js
IP 144.217.146.170:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/phami/js/bootstrap.min.js HTTP/1.1
Host: institutoandrecamurca.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://institutoandrecamurca.com.br/sf/express/login.php?l=_jehfuq_vjoxk0qwhtogydw1774256418&fid.13inboxlight.aspxn.1774256418&fid.125289964252813inboxlight99642_product-email&email=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Pyxsoft Pxshield
Cache-Control: public,max-age:3600
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 60117
X-Server-Mode: direct
Date: Mon, 20 Mar 2023 15:53:34 GMT
Last-Modified: Sat, 20 Jun 2020 19:56:52 GMT