r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Thu, 24 Nov 2022 07:02:36 GMT
Date: Thu, 24 Nov 2022 05:57:37 GMT
Connection: keep-alive
uniaoeucaliptotratado.com/
98.142.105.26 302 Found 218 B URL HTTP/1.1 uniaoeucaliptotratado.com/
IP 98.142.105.26:0
File type HTML document text; exported SGML document, ASCII text
Hash 739cf94222efdd17b951a0b48798e5ab
40a0b56b0d427ccc6fe670f0d3e00d49cb9cf377
8fc2bb8a97fd0290dfa1f21cfe3b6ebf4ed14c5290f8a9ec675684b1257b0650
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 05:57:37 GMT
Server: Apache
Location: https://uniaoeucaliptotratado.com/
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 05:57:37 GMT
Content-Length: 218
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3709
Cache-Control: max-age=106527
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:38 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:33:05 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5897
Expires: Thu, 24 Nov 2022 07:35:55 GMT
Date: Thu, 24 Nov 2022 05:57:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 05:17:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2424
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uK8wp0XF9QCvcMsE3O3JbYPWKBYj6yeHIXEXZ1vDcBAJRpzMgZiqk2sv4oOa2a+960HSeQyOusg=
x-amz-request-id: 9AE9KAWD2MC6R9VV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 05:43:17 GMT
age: 861
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:57:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 2925
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4320
Cache-Control: max-age=102075
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:38 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:18:53 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
uniaoeucaliptotratado.com/
98.142.105.26 200 OK 10 kB URL HTTP/1.1 uniaoeucaliptotratado.com/
IP 98.142.105.26:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (916), with CRLF, LF line terminators
Hash 0afa395d36dc8140f5115c7edc19baa7
976678e6910ba818c0cff87ad3fb93488a48dacb
e181c1d1bdfe613431f1d60444b7fd55f5c7a2d08c55e573a7c51e91c2e830c2
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:38 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-transform
Vary: User-Agent,Accept,Accept-Encoding
Set-Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; path=/
Content-Encoding: gzip
Content-Length: 10228
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MDPTM3D
142.250.74.168 200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MDPTM3D
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9c908862213e38fae9256f42ad4c6437
1dcba82f2a098c7729491323bac59b46e446c7f0
20c6f1eef8b754301097daeffa5b798e9a2f1630848c536869975cf9787d0ca0
GET /gtm.js?id=GTM-MDPTM3D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:57:39 GMT
expires: Thu, 24 Nov 2022 05:57:39 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-840881667
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-840881667
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 92a723ba143cda3a0f93e5abbc9c88bc
f037e430e5b5632932f2a41385cb931623cf81de
887933a447e33a4f27a73cf3f29e9826b1ec9a2d0ac9d124ccfb7db5cb05fad4
GET /gtag/js?id=AW-840881667 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:57:39 GMT
expires: Thu, 24 Nov 2022 05:57:39 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-840881667&l=dataLayer&cx=c
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-840881667&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 548cd88178faf0b422bafcdad9928aae
fcba9d53ddab25b1383fa94cbc5fdac90b441ce3
4f0b54f1731bee397a70337d3debf50937e20ed20615a077126b9b83b59cb28a
GET /gtag/js?id=AW-840881667&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:57:39 GMT
expires: Thu, 24 Nov 2022 05:57:39 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/plugins/style.css?v=14.0
98.142.105.26 200 OK 43 kB URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/style.css?v=14.0
IP 98.142.105.26:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ae0c86a80e1869fd74edc59e05f682b8
c2bf92d41fd46dbe39fd743c759cc825e1c70e96
f8831d935f71aa17ffa47e07b848de2cf62367c579961b79dcc98434c6fa0dd5
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/style.css?v=14.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:44:56 GMT
ETag: "3e522-58730469857a9-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 24 Dec 2022 05:57:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 43265
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/css
uniaoeucaliptotratado.com/extra/css/style.css
98.142.105.26 200 OK 16 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/css/style.css
IP 98.142.105.26:0
File type ASCII text, with very long lines (360)
Hash 70f862156840f2f7256c5839b29423f2
0cd8e5a7a48d756b5130f8ad0ab888b3fac40d28
82602ebb76260897ef543315fb4867f12938233b74827a4994f70d5fea716e79
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/css/style.css HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Thu, 13 Jun 2019 19:59:10 GMT
ETag: "1651b-58b39f6a1aa75-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 24 Dec 2022 05:57:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15559
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css
uniaoeucaliptotratado.com/extra/css/bootstrap.css
98.142.105.26 200 OK 21 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/css/bootstrap.css
IP 98.142.105.26:0
File type ASCII text, with very long lines (540)
Hash 3441d50cfdb62a6bdc3ec77a300b527c
06f136152c8a46345e8a5d36a09128340a712d01
5f051b91ed96ed962b5ef8a5403fa1387c783b7cccad3d678bb3f2fd5db77af2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/css/bootstrap.css HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Wed, 12 Jun 2019 11:08:38 GMT
ETag: "21d19-58b1e6f70e8f3-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Sat, 24 Dec 2022 05:57:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21050
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css
uniaoeucaliptotratado.com/plugins/js.js?v=14.0
98.142.105.26 200 OK 95 kB URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/js.js?v=14.0
IP 98.142.105.26:0
File type ASCII text, with very long lines (32038)
Hash 94a3de161cccc393f5dec10cb9467145
64fc3e30057fb0e153eb8ffb843d12729c23860c
61a0d33c90afb0a64b77ea75b1abd29637ad914a082beb9b5a42ae7e9d32430c
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/js.js?v=14.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:44:56 GMT
ETag: "4fe00-5873046967a00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 05:57:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
uniaoeucaliptotratado.com/extra/images/logo_uniao_madeiras.png
98.142.105.26 200 OK 10 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/logo_uniao_madeiras.png
IP 98.142.105.26:0
File type PNG image data, 418 x 120, 8-bit colormap, non-interlaced; data
Hash d8472892cab5f6e377c5f8b0d25ab8a3
7d8457f5d8de15f373a3ac40584856cdd5dfc864
e57c8360e839181af1be6900c85afbbd0ed8692011db24e88919bdedcb7842bc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/logo_uniao_madeiras.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:16 GMT
ETag: "27c8-58b0154c3013a"
Accept-Ranges: bytes
Content-Length: 10184
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:39 GMT
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/png
uniaoeucaliptotratado.com/extra/images/banner_es.jpg
98.142.105.26 200 OK 21 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_es.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3; data
Hash 117009f2042fb49c7b48897fbf5a4f8f
d08b35e3a378dd8b19e39302526248b01ee8e1a2
29e6590f5513d398a530fc6d79f9bac2da80553726d7db542722a45775cf058e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_es.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:24 GMT
ETag: "5257-58b015539e937"
Accept-Ranges: bytes
Content-Length: 21079
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:39 GMT
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/extra/images/banner_serrada.png
98.142.105.26 200 OK 15 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_serrada.png
IP 98.142.105.26:0
File type PNG image data, 300 x 200, 8-bit colormap, non-interlaced; data
Hash 6ec0eff21cb12696f0127ab8a2a1d81e
0fd7e02c160eaac84020f5951c7b13bc155f4104
d81c27fb7b8b0c296bbfe65017c7c7e40963116366931174983854fb1ba7c54f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_serrada.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:27 GMT
ETag: "3b4a-58b015562f48a"
Accept-Ranges: bytes
Content-Length: 15178
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:39 GMT
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15556, version 1.6554; data
Hash 4c9a4bc2b383253d953bad3699c3ab1b
ec2590bc030c185025fbc09afe2f268af6e38985
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
GET /s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15556
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:25:15 GMT
expires: Wed, 22 Nov 2023 01:25:15 GMT
cache-control: public, max-age=31536000
age: 189145
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v10/BObL_3V2WX-YniTOi4CsnvesZW2xOQ-xsNqO47m55DA.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v10/BObL_3V2WX-YniTOi4CsnvesZW2xOQ-xsNqO47m55DA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16216, version 2.0; data
Hash cc1b1c45f828261a1879594d00c35f01
a78271bfabb536f3453d9ff8109d1140e63349cc
5527dccae6db8d6434359c94cdfe4684d674edca48f7502e6868d3c4a6b33b14
GET /s/oswald/v10/BObL_3V2WX-YniTOi4CsnvesZW2xOQ-xsNqO47m55DA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:43:09 GMT
expires: Thu, 23 Nov 2023 08:43:09 GMT
cache-control: public, max-age=31536000
age: 76471
last-modified: Mon, 06 Oct 2014 20:40:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2257
Cache-Control: max-age=119069
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:40 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 15:02:09 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uniaoeucaliptotratado.com/extra/images/banner_capelinha.jpg
98.142.105.26 200 OK 18 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_capelinha.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash bf38f20c0226b155db5805d313503ee5
54788b3ae2aaf1e5ce9e5c97819b910e30688455
07a8c7584176ce9a4ebc64bc4b20d77ae7d74d5f096a7da2bd86e7eb15a4a971
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_capelinha.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:22 GMT
ETag: "46f2-58b01551aa1c7"
Accept-Ranges: bytes
Content-Length: 18162
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:39 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/extra/images/banner_blog.jpg
98.142.105.26 200 OK 18 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/banner_blog.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x200, components 3\012- data
Hash 66647e0d1bc048b50a6bf5c33e5e55c8
9cee2df8c5d64fc51694d8b3595e191ac65cf457
b3c1ba35c1de0cc70ea708a6be86607ecea5d58c87f990a8a821c27a565e5931
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/banner_blog.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:20 GMT
ETag: "46c5-58b0154f62e2e"
Accept-Ranges: bytes
Content-Length: 18117
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:39 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/img/outros/carregando/loader.gif
98.142.105.26 200 OK 4.2 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/img/outros/carregando/loader.gif
IP 98.142.105.26:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash e4234472afb925ddb203ad99cb2ec0b0
385550a74827324c3cd787275290e96311dfc8fb
4dc14fe5df68d2ae899e237faf9264d6df02605dd655368cb856cd6ce75c7573
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/img/outros/carregando/loader.gif HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:34:48 GMT
ETag: "1050-58730225daad2"
Accept-Ranges: bytes
Content-Length: 4176
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/gif
uniaoeucaliptotratado.com/extra/images/ecorecycling-logo-main.png
98.142.105.26 200 OK 32 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/ecorecycling-logo-main.png
IP 98.142.105.26:0
File type PNG image data, 380 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash a41125eb64752ab8555b46c97fd5284e
ac13630fd5718264f58a49500483e9253772827a
a66a12d08e9290ec669d47cb0bf3ce7a241f45c239bd7361157ce34e22c8a7b7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/ecorecycling-logo-main.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:39 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:08:57 GMT
ETag: "7b91-5872fc5f2ae69"
Accept-Ranges: bytes
Content-Length: 31633
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:39 GMT
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png
uniaoeucaliptotratado.com/web/img/outros/spacer.gif
98.142.105.26 200 OK 43 B URL HTTP/1.1 uniaoeucaliptotratado.com/web/img/outros/spacer.gif
IP 98.142.105.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/img/outros/spacer.gif HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:35:02 GMT
ETag: "2b-587302334ed94"
Accept-Ranges: bytes
Content-Length: 43
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2257
Cache-Control: max-age=119069
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:40 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 15:02:09 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
uniaoeucaliptotratado.com/extra/images/botao-orcamento.png
98.142.105.26 200 OK 32 kB URL HTTP/1.1 uniaoeucaliptotratado.com/extra/images/botao-orcamento.png
IP 98.142.105.26:0
File type PNG image data, 500 x 150, 8-bit colormap, non-interlaced\012- data
Hash 2bf85c7707a721ddfb45c52f49afca95
11d40b46e2d5243b11b9cc17d7f373cd4320172b
1c45876a76bf3167a840432bc61940c44988b9c08fa383603200ea94c7c0d30d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /extra/images/botao-orcamento.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Tue, 11 Jun 2019 00:25:30 GMT
ETag: "7dc1-58b01558f0d14"
Accept-Ranges: bytes
Content-Length: 32193
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/png
uniaoeucaliptotratado.com/web/img/outros/carregando/loader1.gif
98.142.105.26 200 OK 3.2 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/img/outros/carregando/loader1.gif
IP 98.142.105.26:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 47e216e917cec034f146e1f9c30f4b5c
932371942baf21904304d51a2db3d970e60c9cb7
f0885f4c19a2d54e47ec62bf8c11fa8e0c30f638f7de668c03430184894e3280
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/img/outros/carregando/loader1.gif HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:34:48 GMT
ETag: "c88-58730225f21ce"
Accept-Ranges: bytes
Content-Length: 3208
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/gif
static.xx.fbcdn.net/rsrc.php/v3/yk/r/lNQKzORH_3o.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 7.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yk/r/lNQKzORH_3o.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4643)
Hash 3d04fb0bfeec2de76f7a043b3c9d381d
42f49d096e57efaf7d7fe8332d40c4c72da97f7e
81b535cf6d8acd9c9841ae1fc8750ef9c4ee0892e11ed6edb30747f9a4b5d3d2
GET /rsrc.php/v3/yk/r/lNQKzORH_3o.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 18:09:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: PQT7C/7sLedvegQ7PJ04HQ==
x-fb-debug: ww0Xi9Utahc6hfg2xq/bjaIJgBYj5x/K092WWy7BPcHdcUiu+01AuLYO0MegWkvHa7KEuokuXE+PYXbytro7RQ==
priority: u=3,i
content-length: 7564
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/9ofdOTrimPg.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 48 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/9ofdOTrimPg.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (5068)
Hash e5396e537f790a057e686148c619bff1
510736e3853128533f5a2ff8c39d95d0158f7e06
122a8b1ef657fe42bbbefb88f7145c49071418626de029c63c0fa00674339f63
GET /rsrc.php/v3/yH/r/9ofdOTrimPg.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 16 Nov 2023 23:58:42 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5TluU395CgV+aGFIxhm/8Q==
x-fb-debug: oZ4fFwQTzmD0m045IPJ2S5ta5BWpwHWTSNi/sdrsWoD0c4eQpre7yDx5nJrVBFmMJdaYSXbm1opsYMQfqWMAsQ==
content-length: 48023
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/Z8HwmBQAssQ.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 4.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/Z8HwmBQAssQ.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4431)
Hash b113b03774dd681750e13a29e21bb731
7f04db6a230a826eecad3667b4e770b9e72ec31e
193918cbf46245338989996fcd9c0e76f0625e1a39f5ba648a2fac2960a1b16c
GET /rsrc.php/v3/yB/l/0,cross/Z8HwmBQAssQ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 18:25:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: sROwN3TdaBdQ4Top4hu3MQ==
x-fb-debug: 2+7xHS/eDx07NmhPNkyywIjCCVloU4QlzRZJJgKsbCgCjIDfHNXfHrBmU+/Xx8tnlHsCvyab2/94fUDvDqkzFw==
priority: u=3,i
content-length: 4377
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:38:47 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: wiiQpSv+hINmxdmDh50qRYLH0Cc0/G7L/Ii7uM69ujJ9255olUBP7wXxq1ttCrD/GuMczOSWMrxFCttWIBEa7Q==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (8741)
Hash dfb29285817fca7b068ba0ec98aa2392
78cd49585da28a245a096781c8e0fada59cf2b72
2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: W8oNQ20RRci19DZRKo9uDRApdh+0a2rAY6qTH85H4Hi9P5kV6tLh8k37VYg3Sb5ZwVDl6wz3D24n8ZMMRcEPrQ==
content-length: 16262
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3365
Expires: Thu, 24 Nov 2022 06:53:45 GMT
Date: Thu, 24 Nov 2022 05:57:40 GMT
Connection: keep-alive
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 06:07:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: bP7Hn62kFAjWr7jSa5xbIHjvtrymCc5+/BWiU8jmZWvoE9UNywvxV+fazhrnkAfvO75toNN1+8hqwJRQpK4bpw==
content-length: 1657
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff2?v=4.7.0
98.142.105.26 200 OK 77 kB URL HTTP/1.1 uniaoeucaliptotratado.com/plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff2?v=4.7.0
IP 98.142.105.26:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/Fonts/Fonts_Faa/fontawesome/webfont.woff2?v=4.7.0 HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/plugins/style.css?v=14.0
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Tue, 23 Apr 2019 10:14:19 GMT
ETag: "12d68-5872fd92194a8"
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=604800
Expires: Thu, 01 Dec 2022 05:57:40 GMT
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: font/woff2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:07:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: GDGRfZeyuE1OHpy9ahIhaU0kclOXpFQYQ7/1M/D5cI7JUQ4Ew0DXCSWEFfX2Lc8mzeEZzI90+YEWxbLFPyoGUw==
content-length: 338
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3365
Expires: Thu, 24 Nov 2022 06:53:45 GMT
Date: Thu, 24 Nov 2022 05:57:40 GMT
Connection: keep-alive
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/qnSc4RA_g8a.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 1.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/qnSc4RA_g8a.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (866)
Hash 1860620e865f29d283c8ffe6fa0a52e6
96d773fa4f51e11d3ba07a4ee96cae87f1fd8a6b
b0db87bd4d691eaa04c729d02ea8c1be9db56bcd9d35fbf787ae06b6f4a297b8
GET /rsrc.php/v3/yJ/r/qnSc4RA_g8a.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 20 Nov 2023 17:50:35 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GGBiDoZfKdKDyP/m+gpS5g==
x-fb-debug: enRBDeuIuOzHda+T6ZKAtlVW1powkVjpEGI4tmtPXoq+kOtT/XNVsZ/TBVMDBMGmdPvJZcnrT33NJSbOD2lBGA==
priority: u=3,i
content-length: 1022
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 232 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
Hash 9e9f7c79f2773bb18cf6ce4cdfa368ef
670d1cdcbdea9485d6a19b67e12f247a19cab3ec
bf3e32d807092fa60d6a1cecb6b4d80ce20f1ce7b715a34707184bd31016e189
GET /rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: np98efJ3O7GM9s5M36No7w==
expires: Sat, 18 Nov 2023 18:13:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: OTJO0QHdGXUQSkwcHymbqZtqKNwGuLcLhLYkg2ntQFlwjeXe3K8TvOpehxKFtbmvzm5HuB07PtqOvV3legsIsA==
priority: u=3,i
content-length: 232
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yP/r/UDmYwShqrj4.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 6.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yP/r/UDmYwShqrj4.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4488)
Hash e1fd0906cb6f69a93c5a8d63a103bd5b
e0eae24eee2fdffa9675690d7afb66206ac58bf2
a0e3ab716081eba89c66fcac1803018b9ab26945db58bcd48eec34f0a5ad2d5c
GET /rsrc.php/v3/yP/r/UDmYwShqrj4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 18:15:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4f0JBstvaak8Wo1joQO9Ww==
x-fb-debug: K4sMxFzRJ6uBKLjwtnYv3PHD7nca3WG371ClCTTGiQNIT69yg14hM933k2CEW8bCLgmkvwrzFTidKg0FGWhCPg==
priority: u=3,i
content-length: 6378
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1404c6b865808ea73ca5b2062fefecc0
c66fd3a955cd81ab93474fb1aabc4c19d5775bcc
0a92ca52eff8baa4ba43bdb29008c59bcd37c55e78ac657de25819e980ea8e96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 215b9f9b-4941-4c13-a1d4-6fdc5b453fad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtEkIIAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-27081b9e0dc1de6522299e4e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xr183esurgfu-4jjQtCS5s_np_CtltrPx48zpq-NMwZbcGnAwTxtkg==
via: 1.1 68914922a694954838e87fc9b0aa10fe.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:52:56 GMT
age: 29084
etag: "c66fd3a955cd81ab93474fb1aabc4c19d5775bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4057)
Hash 571700b5a1e8db88d5d79007a910b962
07102cc5f2b19f190830664e1ec6718efb33c011
ecccefedaf39e094079b22880aba987993015fbf1b70fd3c63bc57dc10685f11
GET /rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:13:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: VxcAtaHo24jV15AHqRC5Yg==
x-fb-debug: toyuB3SAldiJbPiFmTzqS82YUXCgo1xj24kbDL0MQa9hnhIbaWdcJ2i2753fIkvf+ZVJbaC46+TMmqv8MGguuA==
content-length: 7238
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kkI9Vh2vZeJPwz2JVL5MErsBBwk8-2Jo49yc0sFqv5pxIyBi6azFIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
age: 28817
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type C source, ASCII text, with very long lines (10494)
Hash 092b5c28d77f2d11674919ed34ea81a0
4c4f97066f7b733e29643697757417a0e2bee99d
1533d3e4e835168cd2456621fe6cf46db9255586262b7703b182155fa90e33d7
GET /rsrc.php/v3/yq/r/6pd4iTcqYl_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 16 Nov 2023 23:29:02 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: CStcKNd/LRFnSRntNOqBoA==
x-fb-debug: yJCEkZ80cU8IKuvrUr4gjhyiwvMADyZ34gwf/JrGP0B3pcOOqAAdaCdnxsuzsj7MTwccOv3ZSXqhPbnGBk/0eQ==
priority: u=3,i
content-length: 5016
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 28426
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 8.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (2905)
Hash 7734711815478192096a4df90abbfa01
ea16129c6f54227d9d01bf3421e68863e75ffd7a
22cf4b88ca3b9208f44974e02dc6f784021871877121c7d03b310d7264ced0e3
GET /rsrc.php/v3iLl54/yh/l/en_US/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:17:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dzRxGBVHgZIJak35Crv6AQ==
x-fb-debug: SwZtxprWZfXl+rO+YaOOqR2xLBF38ZPg8Y+cP7WtlQTkjvtMYyRnl3hNc9Mm0TJ9+/36SgDNG/isJ/X1ydzT6w==
priority: u=3,i
content-length: 8360
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 8.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (9885)
Hash 71e8e93b5e55f2010013b0814f4e3ae5
4732ba3acc539a0e9ff12d08c1b5a16f535bd594
b710ea52f812ac39c5195f0c170142bfcfcc274aa6b250a29a1ed1c59ea58556
GET /rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:39:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cejpO15V8gEAE7CBT0465Q==
x-fb-debug: H2PI3oGS9Y4J9xsW92eZpy446nXHTXfc0oS1Ip5KPRUh1uSqu1kjsSpEPgFjjn+tiZ3P/nPgRYBruWBygKDW9g==
content-length: 8748
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 29434
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 19 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (8606)
Hash eab4d9652bb152973a26936fc85f09f5
756a00cb73057d7aebf869b203663a635de8e74a
01cf1611e7f1431f2532cea3c2377f5b56ce369beb6ab0fdf7c0cb22d8a8fa3d
GET /rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 18 Nov 2023 18:11:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 6rTZZSuxUpc6JpNvyF8J9Q==
x-fb-debug: 6BP43DwxvmnnXp3/xPhUVF/rUq8GjhPjTykhFiLTAwXeEEce/8ohn5u4ETUwJ+afNJfIs3CFPNtOCn5Dj0vG8w==
priority: u=3,i
content-length: 19088
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ac60e832454b4658f4f7f09b2c120c4
4c20adfe72d6b01777f840445d57c891230e5b32
ec1f4393eebaf1c4229fbda2524bd150191ca4067fe368e6a35ad4d65b8df59c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8776
x-amzn-requestid: 7c511f0c-198d-44d5-bc52-29f698fca910
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvynEFBoAMFdJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9343-686e25237fb06f5031ffa88e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: we5qPtOUBgvPwa1oq8jplahjNZ6iiNlQn2Eyvl5_xuXWEKy6CmTR9Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 28820
etag: "4c20adfe72d6b01777f840445d57c891230e5b32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (42048)
Hash 3051900d03a657ddbbc9afa8ac11cdbd
557f26734897e137a6678f6d2a81672fc6a34ad2
038035ce01be57324c7e251c8834229b4910f27e3a042912fd7276947e5750df
GET /rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:32:37 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: MFGQDQOmV927ya+orBHNvQ==
x-fb-debug: bYJtwnmxjXNN/5yVzx0xIPOgUd6Q8v8AOjtZxr+sBc5dyqixEfG4vUGd0PG5yIVM8WsyOnRU3pNCX33EeE2n6Q==
content-length: 23455
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:19 GMT
age: 28821
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3i59j4/yV/l/en_US/i8ghwFiMKf9.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 43 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3i59j4/yV/l/en_US/i8ghwFiMKf9.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (10798)
Hash a125931cd9d397862d4bfe4518078060
9cfff833b3e684862901090068155d73acca021c
8992a462f221ba8d1e63cf89f350ef3dd5050577f588640694b66df7b513a84b
GET /rsrc.php/v3i59j4/yV/l/en_US/i8ghwFiMKf9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 22 Nov 2023 07:31:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: oSWTHNnTl4YtS/5FGAeAYA==
x-fb-debug: 8dy8ZChkrwilJXRMn9JwIF/LpwL81KyQ5cJadXJbnlpIq8GnF4/EGMj7gMuNFimXCkny9z2rYrIfTAZo/sf8RA==
priority: u=3,i
content-length: 42629
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 3.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (3040)
Hash 67341f39b2ce247e697a10779f128a4d
f02c4778acb39deb48e616259ba730fd59a19fc3
7e7f121969a70cc7962e6b31531a1afca8d5492879b9b52291b2c8014ca0bf76
GET /rsrc.php/v3/yr/l/0,cross/nWIU5H2unqI.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 18:25:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZzQfObLOJH5pehB3nxKKTQ==
x-fb-debug: xXc3tB6KW2GlKJu1jGtCJl1gxVhj5AQ85x7wZ7SmqXL5xeWj0x3cQ1IVai2V73sS60cXq/nCIPlGg6/Y4DvsgA==
priority: u=3,i
content-length: 3399
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/web/fotos/thumbnails/informativos_24_importancia-do-tratamento-da-madei_uniaoeucaliptotratado.com_zz668f4fbf5b_560x400.jpg
98.142.105.26 200 OK 52 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/informativos_24_importancia-do-tratamento-da-madei_uniaoeucaliptotratado.com_zz668f4fbf5b_560x400.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 560x364, components 3\012- data
Hash e518505e386b54dc27c98727f9a5b7f0
083504d766e42c0fc78c1b6da98739c3200df6de
c1c9939a558108f77bc537dae81ba7a5559fe6d734291a69a613874515456b4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/informativos_24_importancia-do-tratamento-da-madei_uniaoeucaliptotratado.com_zz668f4fbf5b_560x400.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Fri, 14 Jun 2019 14:05:10 GMT
ETag: "cb47-58b49226ee2e8"
Accept-Ranges: bytes
Content-Length: 52039
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
static.xx.fbcdn.net/rsrc.php/v3/yr/r/8GBY6WcEO-y.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 15 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yr/r/8GBY6WcEO-y.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (56522)
Hash 9be66ca068832ec5c575ac6d6d9b6923
bdcbbf3bff75f58bcafb6e4179595f591dc99d32
b8ddffea993cce43fcfd1fd109cf6ccedd74a1774aef19b16bf982c5856c537f
GET /rsrc.php/v3/yr/r/8GBY6WcEO-y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 03:57:52 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: m+ZsoGiDLsXFdaxtbZtpIw==
x-fb-debug: BDln0xwr3H7dJpfLI9elWHG5jeqCNo10TyGs3VT58SA2Vtzm1QmBo/AJn9LE/hKfnRN6w5VMRa7DqhS5BCjqlw==
content-length: 15217
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18622)
Hash 151e87d38f4f425e44d9c851c9aecf05
762111e5095f5354be95b98ad476f6e7161ce6b1
f236f289f38c8081b496e0537ed3b2c66822e7a743f5d9d4959f955c64b0b2b0
GET /rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 16:54:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FR6H049PQl5E2chRya7PBQ==
x-fb-debug: XKYCuFqqNH0kZrgnBK9d939R6pWs+fcIzk26id8p6lRkOvr6n2vQtYYz0yMcJoZ8xMvN0Ztyy0Cqwk+0Rwgf4Q==
content-length: 91088
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_4_uniao-madeiras_www.uniaoeucaliptotratado.com_zz89054364c4_4000x1060.jpg
98.142.105.26 200 OK 113 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_4_uniao-madeiras_www.uniaoeucaliptotratado.com_zz89054364c4_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x400, components 3\012- data
Size 113 kB (112597 bytes)
Hash 93f98dcf8e23d0ff77964b30feed41b6
fa1bc5aeff8b9cedd37ece0fab621aaa19cb849b
5ab7596f1bba5fc9c8b2e56d07bee27e017461893b9fd7bd89fb44b64357b24b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_4_uniao-madeiras_www.uniaoeucaliptotratado.com_zz89054364c4_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Thu, 14 Nov 2019 13:34:36 GMT
ETag: "1b7d5-5974e8adc683f"
Accept-Ranges: bytes
Content-Length: 112597
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_5_madeira-para-construcao_uniaoeucaliptotratado.com_zz282d5b19dd_4000x1060.jpg
98.142.105.26 200 OK 54 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_5_madeira-para-construcao_uniaoeucaliptotratado.com_zz282d5b19dd_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1086x400, components 3\012- data
Hash a125c0f9692133d335959ee2b6e8b7bf
7f75c3d0ced0ccb709bb1b9d33ede327120f4f89
c2eaa68c2839444306230b19a7a17e75efaa9a028c22dd5e07bea66938e8f2c2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_5_madeira-para-construcao_uniaoeucaliptotratado.com_zz282d5b19dd_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Wed, 12 Jun 2019 21:33:32 GMT
ETag: "d15d-58b272a3b77a4"
Accept-Ranges: bytes
Content-Length: 53597
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/informativos_25_madeira-para-telhado-de-eucalipto-tratado_uniaoeucaliptotratado.com_zz657fbc0e07_560x400.jpg
98.142.105.26 200 OK 46 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/informativos_25_madeira-para-telhado-de-eucalipto-tratado_uniaoeucaliptotratado.com_zz657fbc0e07_560x400.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 560x392, components 3\012- data
Hash 25c4d9b2f23d9f70bae3d9e9a09026e4
bad18b43ffcc942e4deadf985227a937073c2c39
079f189bcb4998a2e40619a5a66754fc898c44cd1688e3d8fde6f999e2c7e522
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/informativos_25_madeira-para-telhado-de-eucalipto-tratado_uniaoeucaliptotratado.com_zz657fbc0e07_560x400.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Fri, 14 Jun 2019 14:05:10 GMT
ETag: "b517-58b4922702eec"
Accept-Ranges: bytes
Content-Length: 46359
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_6_imunizacao-de-eucalipto_uniaoeucaliptotratado.com_zza6946e702c_4000x1060.jpg
98.142.105.26 200 OK 67 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_6_imunizacao-de-eucalipto_uniaoeucaliptotratado.com_zza6946e702c_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x400, components 3\012- data
Hash ba9f126597fc500fd87f81c6348000c3
21dde782aad84d8ecc7fc728d1bd250b94734ba9
8746871ba5fb7e03604bf57dadab3e1fc689fb210c54d5cbe2e6e60bf3278df0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_6_imunizacao-de-eucalipto_uniaoeucaliptotratado.com_zza6946e702c_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Wed, 12 Jun 2019 21:33:32 GMT
ETag: "10685-58b272a3bb23c"
Accept-Ranges: bytes
Content-Length: 67205
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/informativos_23_sobre-o-preco-do-eucalipto-tratado_uniaoeucaliptotratado.com_zz0a4ad435b8_560x400.jpg
98.142.105.26 200 OK 56 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/informativos_23_sobre-o-preco-do-eucalipto-tratado_uniaoeucaliptotratado.com_zz0a4ad435b8_560x400.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 560x373, components 3\012- data
Hash 42100b60fe785e7fc016070e10e3863b
c4166af715eec73b9400b50b819d59e4f31e00b0
c3a3bcd0fd5bf0f7a43576dc8ec517882341db91e7d2a4f0599b9005faa69adc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/informativos_23_sobre-o-preco-do-eucalipto-tratado_uniaoeucaliptotratado.com_zz0a4ad435b8_560x400.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Fri, 14 Jun 2019 14:05:10 GMT
ETag: "dc6b-58b492273b152"
Accept-Ranges: bytes
Content-Length: 56427
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_3_eucalipto-tratado_uniaoeucaliptotratado.com_zz1736e3706d_4000x1060.jpg
98.142.105.26 200 OK 106 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_3_eucalipto-tratado_uniaoeucaliptotratado.com_zz1736e3706d_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x400, components 3\012- data
Size 106 kB (106385 bytes)
Hash 275a95277fcfad2beb9117a99ad901bd
f6f93cd24c8092e1fd75e905b2fb78df1d72c5bf
2ef9c4bde3ee92716a8bccb27c60d8a0beef5b7e0b390309e5f3b3938ad68744
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_3_eucalipto-tratado_uniaoeucaliptotratado.com_zz1736e3706d_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Fri, 14 Jun 2019 14:34:35 GMT
ETag: "19f91-58b498bafe31c"
Accept-Ranges: bytes
Content-Length: 106385
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_3_eucalipto-tratado_uniaoeucaliptotratado.com_zzeca096ce29_4000x1060.jpg
98.142.105.26 200 OK 56 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_3_eucalipto-tratado_uniaoeucaliptotratado.com_zzeca096ce29_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 933x400, components 3\012- data
Hash 3f025be0c6ea0389d793eef23e58c5cd
ed957d798e76de87a0a714c555f31eead9e81751
d5ef4900d991b67ec521a5e3a56f902d18548d3c1db632b48441c98fb2f4d6cf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_3_eucalipto-tratado_uniaoeucaliptotratado.com_zzeca096ce29_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Fri, 14 Jun 2019 14:34:35 GMT
ETag: "daf6-58b498bb00a2c"
Accept-Ranges: bytes
Content-Length: 56054
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_4_uniao-madeiras_www.uniaoeucaliptotratado.com_zzee3a4299ab_4000x1060.jpg
98.142.105.26 200 OK 63 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_4_uniao-madeiras_www.uniaoeucaliptotratado.com_zzee3a4299ab_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1044x400, components 3\012- data
Hash 143f9fdeb7fde2872a82d1917604f8bd
46a416223e989f89b8f796a2643b7377a0c43d4e
278784d5049801f27cc8fc9d93bf9bfd07a2437f1c3f53ae603e08bdb421b366
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_4_uniao-madeiras_www.uniaoeucaliptotratado.com_zzee3a4299ab_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Thu, 14 Nov 2019 13:34:36 GMT
ETag: "f6d6-5974e8adc971f"
Accept-Ranges: bytes
Content-Length: 63190
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_6_imunizacao-de-eucalipto_uniaoeucaliptotratado.com_zzfa8514ab5a_4000x1060.jpg
98.142.105.26 200 OK 34 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_6_imunizacao-de-eucalipto_uniaoeucaliptotratado.com_zzfa8514ab5a_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 876x400, components 3\012- data
Hash 6ceb861f08dc7540d72adac635ba0fa9
7405dc72b5602e54e8af9cfed72860335b880e8b
ed4c669d64f2033fe48badbfe653e27929ddd892abfa2ca54fed14caed2d3af9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_6_imunizacao-de-eucalipto_uniaoeucaliptotratado.com_zzfa8514ab5a_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Wed, 12 Jun 2019 21:33:32 GMT
ETag: "84da-58b272a3be8eb"
Accept-Ranges: bytes
Content-Length: 34010
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_5_madeira-para-construcao_uniaoeucaliptotratado.com_zza696e0f305_4000x1060.jpg
98.142.105.26 200 OK 14 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/thumbnails/banner_5_madeira-para-construcao_uniaoeucaliptotratado.com_zza696e0f305_4000x1060.jpg
IP 98.142.105.26:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x130, components 3\012- data
Hash 26501698a1cd79c58f283ede014b49d1
b297b9495c24e0c13c790ec4db70e8b7213bc215
80dc9ae12bd55677616d5969fd9df951c4567c525a47481795d30d403ecc314f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/thumbnails/banner_5_madeira-para-construcao_uniaoeucaliptotratado.com_zza696e0f305_4000x1060.jpg HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:40 GMT
Server: Apache
Last-Modified: Wed, 12 Jun 2019 21:33:32 GMT
ETag: "1583f-58b272a3b40f5"
Accept-Ranges: bytes
Content-Length: 88127
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:40 GMT
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 04:41:08 GMT
expires: Thu, 24 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 4593
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/840881667/?random=1669269458996&cv=11&fst=1669269458996&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&auid=152949228.1669269459&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 927 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/840881667/?random=1669269458996&cv=11&fst=1669269458996&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&auid=152949228.1669269459&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1977), with no line terminators
Hash 3b1f1522d253840688ec2778aaa9519d
77373587e50066d7624c25f2c9008dc8d14fe465
8873d30864d35acdb73a362dac39e6ad8f95d4cb6a9291f7aafc09e1a7265af9
GET /pagead/viewthroughconversion/840881667/?random=1669269458996&cv=11&fst=1669269458996&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&auid=152949228.1669269459&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 927
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 06:12:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1165646816&t=pageview&_s=1&dl=https%3A%2F%2Funiaoeucaliptotratado.com%2F&ul=en-us&de=UTF-8&dt=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=1596604332&gjid=1746446430&cid=1679851957.1669269461&tid=UA-71208931-1&_gid=271969587.1669269461&_r=1&_slc=1&z=454617273
142.250.74.174 200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1165646816&t=pageview&_s=1&dl=https%3A%2F%2Funiaoeucaliptotratado.com%2F&ul=en-us&de=UTF-8&dt=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=1596604332&gjid=1746446430&cid=1679851957.1669269461&tid=UA-71208931-1&_gid=271969587.1669269461&_r=1&_slc=1&z=454617273
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=1165646816&t=pageview&_s=1&dl=https%3A%2F%2Funiaoeucaliptotratado.com%2F&ul=en-us&de=UTF-8&dt=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=1596604332&gjid=1746446430&cid=1679851957.1669269461&tid=UA-71208931-1&_gid=271969587.1669269461&_r=1&_slc=1&z=454617273 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://uniaoeucaliptotratado.com
date: Thu, 24 Nov 2022 05:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uniaoeucaliptotratado.com/web/fotos/configs_6__uniaoeucaliptotratado.com_zz39ad4f3fbb.png
98.142.105.26 200 OK 6.9 kB URL HTTP/1.1 uniaoeucaliptotratado.com/web/fotos/configs_6__uniaoeucaliptotratado.com_zz39ad4f3fbb.png
IP 98.142.105.26:0
File type PNG image data, 73 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ff63b213d09ed53ba7e87fb7dfb609f
8c95b2d5d861d245dbfcaa1a951c45d0dc2b739f
58a525d177cfd4b346dc745d69be50635615ee0ffdeb4ee33cab205240a4ba7d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /web/fotos/configs_6__uniaoeucaliptotratado.com_zz39ad4f3fbb.png HTTP/1.1
Host: uniaoeucaliptotratado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Cookie: PHPSESSID=5lfl8gh45d41gjjgjtleoam5i7; _gcl_au=1.1.152949228.1669269459
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:57:41 GMT
Server: Apache
Last-Modified: Mon, 10 Jun 2019 12:52:38 GMT
ETag: "1ac5-58af7a7ab547b"
Accept-Ranges: bytes
Content-Length: 6853
Cache-Control: max-age=31536000
Expires: Fri, 24 Nov 2023 05:57:41 GMT
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: image/png
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png
157.240.200.14 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png
IP 157.240.200.14:0
File type PNG image data, 65 x 730, 8-bit colormap, non-interlaced\012- data
Hash bb29fc0ca834dad745632b7ba95e8806
221166c768156576b20ad65a7a3021a701da75f4
55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3
GET /rsrc.php/v3/y0/r/ksSG7BCGzVy.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uyn8DKg02tdFYyt7qV6IBg==
expires: Mon, 13 Nov 2023 06:11:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: omrt0rVfHIX3Eoa1QgV75onjkjULJh6CSIwF6D6NGMTO6R4rVEUTaQTl5fkwBuXTBLCM7hJ4WfVNPqdImolAyQ==
content-length: 12111
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:41 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/840881667/?random=1669269458996&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878348766&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/840881667/?random=1669269458996&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878348766&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/840881667/?random=1669269458996&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878348766&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/840881667/?random=1669269458996&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878348766&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/840881667/?random=1669269458996&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878348766&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/840881667/?random=1669269458996&cv=11&fst=1669266000000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Funiaoeucaliptotratado.com%2F&tiba=Eucalipto%20Tratado%20UNI%C3%83O%20MADEIRAS%20de%20Capelinha%2C%20MG%20-%20Home&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2878348766&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71208931-1&cid=1679851957.1669269461&jid=1596604332&gjid=1746446430&_gid=271969587.1669269461&_u=IEBAAEAAAAAAACAAI~&z=1613603360
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71208931-1&cid=1679851957.1669269461&jid=1596604332&gjid=1746446430&_gid=271969587.1669269461&_u=IEBAAEAAAAAAACAAI~&z=1613603360
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71208931-1&cid=1679851957.1669269461&jid=1596604332&gjid=1746446430&_gid=271969587.1669269461&_u=IEBAAEAAAAAAACAAI~&z=1613603360 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://uniaoeucaliptotratado.com
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://uniaoeucaliptotratado.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 05:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Funiaoeucaliptotratado%2F&tabs&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
157.240.200.35 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Funiaoeucaliptotratado%2F&tabs&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
IP 157.240.200.35:0
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Funiaoeucaliptotratado%2F&tabs&width=340&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uniaoeucaliptotratado.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: suxuScBQQ7DkWPUCWpnQ/rm4kj/y1u5PG2DLypf1XOlx0JoIbT/zyZdwYmLv6D2ZQJH0AVZGKoYVHw1pRnhe/g==
date: Thu, 24 Nov 2022 05:57:40 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ivrH4/yL/l/en_US/A20WKj-I0um.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ivrH4/yL/l/en_US/A20WKj-I0um.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
GET /rsrc.php/v3ivrH4/yL/l/en_US/A20WKj-I0um.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 21:08:41 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: Htjv1wYoonZJuz/NTw03fA==
x-fb-debug: bzF9BqaBsj2Omywi0XxMoQLxgSMONnYUtMS9WLpILZ+1ct0+Mxnv2uua1Tfdlu0o/UUGOq1H/1bmsEgBz1YlcA==
priority: u=3,i
content-length: 79543
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14 200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
GET /rsrc.php/v3/yW/l/0,cross/NJiNNgzn9FZ.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 16 Nov 2023 23:36:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 8Y8T8D651Sz4PAre1kB5wQ==
x-fb-debug: 6mVzSiW1+qxy9Pd4znpiLSbKy93RfisZKQ+fZjUnG6018gzCui12zJ+Z6yJqMNBbqoij6nSriR7D/cVDCaR/6w==
priority: u=2
content-length: 6445
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:57:40 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2