r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11353
Expires: Sun, 04 Dec 2022 01:34:18 GMT
Date: Sat, 03 Dec 2022 22:25:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 800
Cache-Control: max-age=130767
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:05 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:44:32 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 22:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 305
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4660
Expires: Sat, 03 Dec 2022 23:42:45 GMT
Date: Sat, 03 Dec 2022 22:25:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s9h633rh8Ij99qYeDA+AQP1axWTbPpWGYeb27hbfsfaXELGWKIQuCdqQBQGhV/54BTgIoupZHHA=
x-amz-request-id: H7J030W52R8SSKZ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 21:47:17 GMT
age: 2268
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/
162.241.2.245301 Moved Permanently 0 B URL HTTP/1.1 clinicalorraneiack.com.br/
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 22:25:04 GMT
Server: Apache
X-LiteSpeed-Tag: 48b_HTTP.200,48b_HTTP.301
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://clinicalorraneiack.com.br/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 22:25:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 22:11:19 GMT
cache-control: public,max-age=3600
age: 826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash f1614b5125fd290d22bfd71323807b15
d3d4d51f44f6f6f7f202b6c8f12bcefa58e34e8a
8213666391d25e878e2d68c018ac130e8803bf7f7b3224152ca6fa7914f41e87
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8213666391D25E878E2D68C018AC130E8803BF7F7B3224152CA6FA7914F41E87"
Last-Modified: Sat, 03 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Sun, 04 Dec 2022 04:23:58 GMT
Date: Sat, 03 Dec 2022 22:25:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 778
Cache-Control: max-age=125684
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:05 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:19:49 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.94.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.94.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I4pYT1LpK9752WuZjVwziA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f56oEdbSkfdk4JUdWtLhEcMly3Q=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clinicalorraneiack.com.br/wp-includes/css/classic-themes.min.css?ver=1
162.241.2.245200 OK 189 B URL HTTP/2 clinicalorraneiack.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 22:15:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/elementor/css/post-5.css?ver=1668610444
162.241.2.245200 OK 414 B URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/elementor/css/post-5.css?ver=1668610444
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1227), with no line terminators
Hash a57def67877f22139e452352010bd070
ead432bb1614002bc1cce0970f51ab51d3449339
8a84510c279c0360b69a7bfa4d940c50bfae67f3e368abd3d48d3056f4b5c18f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-5.css?ver=1668610444 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 14:54:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 414
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
162.241.2.245200 OK 2.3 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6051), with no line terminators
Hash c0a774e614f840a7f380a9aa68f16ac3
d42d9e9c586feba86b3accaf869ca2a365469b54
294b8486de91d8403977d27d636c158fe64ed0c93ce11902ed2f2b10f31d113f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:56:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2332
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11
162.241.2.245200 OK 2.5 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6021), with no line terminators
Hash 551e7026086fdcb28d300175aa8c7693
24eceb9f59705dfeb90fe92cb59c1dd370de56ff
1562188078829f3f5d710b46ec8ad9cd17b895d1f7b598c5906fa4d26fc15e3c
GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.5.11 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:04:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2462
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.6
162.241.2.245200 OK 1.9 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11487)
Hash 03ea11a3205317c0211d413680223716
adf4e0433cfa5aa7acb7144df799fd0905dd90f0
619284120dfb82430d9c1bf0805c3b50ae2baca010141ed30d0ee6ccb88fc731
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:31:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1886
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
162.241.2.245200 OK 3.7 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15672), with no line terminators
Hash 607799bfa5d48117a95cd9dda8a17c2b
9a969f06c70600b753b160db19a5d37c9d249d10
78f67e192604e0dca624c2dcc8ea7cd6c54e14fe15918e7c9586ec1a22775876
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:56:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3725
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
162.241.2.245200 OK 4.0 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4008
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clinicalorraneiack.com.br/wp-content/uploads/elementor/css/global.css?ver=1668610445
162.241.2.245200 OK 4.0 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/elementor/css/global.css?ver=1668610445
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14692)
Hash a445221b13c2217fda4be2c3588b92ba
6c467ab355feefce61aab63a359ce570901707c9
fcbe43755ae2d36e2835548267881670882d7a9868a3727a0351525c3efb5cf8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1668610445 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 14:54:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3975
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
162.241.2.245200 OK 2.1 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12953)
Hash b396c47217c7b8948cb6e99fb9056dec
9f64d9ba1927cc5602e9c626fe1ac27ca2afe815
d30dd70fa8bcf79657edea02eb887d0775c07f6b60fd765ea285578bd3eccaa4
GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2095
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.241.2.245200 OK 4.6 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 17:36:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6
162.241.2.245200 OK 2.5 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5141)
Hash e92d73bfd5d684da23198db30a3315c5
da8d7dd5bc412f94ca13c456fdc4a0dcc3372717
4f9b527f4651e06d87a6b21088fb507140b7dfe563315192c59959aaf97ff3f4
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:31:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2451
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/
162.241.2.245200 OK 23 kB URL HTTP/2 clinicalorraneiack.com.br/
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash e1dd628e652259736d695a9c608bd3d1
114dc69d6475c2d22fb32a30534ebbc183f6de89
e58e55d255cf1c75f45871a56457ec1108c266b2affa712a84d0b9186756fb85
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-litespeed-tag: 48b_HTTP.200
link: <https://clinicalorraneiack.com.br/index.php/wp-json/>; rel="https://api.w.org/", <https://clinicalorraneiack.com.br/index.php/wp-json/wp/v2/pages/49>; rel="alternate"; type="application/json", <https://clinicalorraneiack.com.br/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 03 Dec 2022 22:25:05 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6
162.241.2.245200 OK 13 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 1ea3b142a2cfb959f7d8888bda8b814c
90808c045a76bbd97ec35d0d922486cb75441d8e
0d20ffb7ead5466ae8c403979b92fb3845b74e4fbd688db04146a6ed76f574d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13281
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.6
162.241.2.245200 OK 3.0 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2997
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
162.241.2.245200 OK 1.7 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 20:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1712
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11
162.241.2.245200 OK 3.2 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8082), with no line terminators
Hash 4454f3d1d2c990f95a5b434529bdf8a6
ed4a23d5a3dad2d37cdd8b4e293c39a8d73ae740
c2dc85bf51a76388a7ccb3b2accf086465063751c426c04ed4f1ff149818147a
GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.11 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:04:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3170
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.241.2.245200 OK 7.6 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Sep 2022 00:13:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7621
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.241.2.245200 OK 8.3 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 04:25:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8344
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
162.241.2.245200 OK 4.2 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 24 Sep 2022 04:25:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4233
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.241.2.245200 OK 2.7 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Apr 2022 20:34:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2675
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6
162.241.2.245200 OK 7.6 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21374)
Hash deda6829c9586c80d9026b3c020828cd
67cb6f9e8c8c811ef5b0e438d5a6df9b71786fd0
37039a881c3608c346a4c6c5bbb11de1ae44241d13e1dc54ddbac50223c13339
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:31:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7577
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.241.2.245200 OK 3.7 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6
162.241.2.245200 OK 16 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40474)
Hash 71e3344c64c07e805cfb44c4903cde26
d2fd0152311bd1bf8d4618876bd3251a38821465
6e0dc5336339cd40405097e3619c6e2eda0c3df61c394c81dd0cebe1388d1a9b
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16152
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6
162.241.2.245200 OK 2.3 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash b1aa8dffeb0e5cc114885d8380b049eb
50fb4980147661b85a802f2b933fa5ef7b21251b
eb91f6ee38baff1520a24b10c74caababb5263561c6b603294c379f4e952e037
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2313
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6
162.241.2.245200 OK 7.0 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24339)
Hash 01e620cb09036c90ecc01363c0b0dd47
daa8a68df0edf685b9ab3768546622d68f962364
7bccd0834a58031ae8de504ce60535fc91abb17257935a90fa3033735917432e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:31:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7048
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.241.2.245200 OK 5.3 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 14:26:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 27976, version 1.0\012- data
Hash 22907ce040431644b934b72a7c431a36
78863dfb62414fe1a73f64d7f7fbff63ebccb322
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
GET /s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clinicalorraneiack.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:16:42 GMT
expires: Wed, 29 Nov 2023 17:16:42 GMT
cache-control: public, max-age=31536000
age: 364104
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clinicalorraneiack.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.241.2.245200 OK 55 kB URL HTTP/2 clinicalorraneiack.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5939a7bafecbd20cda4e66fd5f54d4e5
740de0c07da03ccf92a9123d81337f52c4cf254c
e5aff01022dd43adae19ae4c922f881707d7a7d453cf338b7bf923dea8dedc02
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 22:46:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clinicalorraneiack.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 269472
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLibre+Baskerville%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106200 OK 34 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLibre+Baskerville%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
Hash daa11077f59bb0d250bec8141b28efe7
5d38b61442501846c595af0f7d984b6c4fdd49b3
6f677f0ef0862677a0b22f639090601867f1ca26815209877dcfcecb47f25c21
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLibre+Baskerville%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 22:25:06 GMT
date: Sat, 03 Dec 2022 22:25:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clinicalorraneiack.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 269776
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6
162.241.2.245200 OK 29 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 22f1427b909352c6c13b5ffa359fa050
65398195c4632fbd1c895ba445860084e3a0d1e6
f0f20f11c72798f9090d2475a6d7d5ab579cce2000e4059783ee8e23d3f53466
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:25:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clinicalorraneiack.com.br/wp-content/uploads/2022/10/marmore.jpg
162.241.2.245200 OK 42 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/marmore.jpg
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x650, components 3\012- data
Hash db3c8cb3690ce51b186b34a83a62c8b1
773d729ff2277cd4ad46dff581d218f592f02bfb
8ca3487178b3c291cac328e266507ecf312f6eaf9c790a515a4ab8ec577c494f
GET /wp-content/uploads/2022/10/marmore.jpg HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/wp-content/uploads/elementor/css/post-49.css?ver=1669730399
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:58:55 GMT
accept-ranges: bytes
content-length: 41524
content-type: image/jpeg
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/WhatsApp-Image-2019-02-27-at-11.38.00.jpeg
162.241.2.245200 OK 94 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/WhatsApp-Image-2019-02-27-at-11.38.00.jpeg
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3\012- data
Hash 56f0c8259e5f5c6a9bad18b72bb04477
03405be4a45fa539fd4852ceb46748101fd6c9b6
e492393cb7f2fbfe28259cb8f214169c855a963007615fc360ca3c62363cdd90
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/WhatsApp-Image-2019-02-27-at-11.38.00.jpeg HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:51 GMT
accept-ranges: bytes
content-length: 93877
content-type: image/jpeg
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
162.241.2.245200 OK 93 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:07 GMT
accept-ranges: bytes
content-length: 93372
content-type: font/woff2
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/Belinda-Script.ttf
162.241.2.245200 OK 97 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/Belinda-Script.ttf
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 20 tables, 1st "GPOS", 29 names, Macintosh, Copyright (c) 2018 by mrletters_muhammad rizal. All rights reserved.Belinda scriptscriptmrletter\012- data
Hash 5387cb702dea80f0e419617b35e92547
a898475f053e3dd15b7061130f3aba6f2ee050f3
d89da4abdecaaea36f4bfb654d7ee9901511fde7c8210894f3d3e69c25cea5a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/Belinda-Script.ttf HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/wp-content/uploads/elementor/css/post-49.css?ver=1669730399
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 20:16:39 GMT
accept-ranges: bytes
content-length: 97056
content-type: font/ttf
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12305
Expires: Sun, 04 Dec 2022 01:50:12 GMT
Date: Sat, 03 Dec 2022 22:25:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12305
Expires: Sun, 04 Dec 2022 01:50:12 GMT
Date: Sat, 03 Dec 2022 22:25:07 GMT
Connection: keep-alive
clinicalorraneiack.com.br/wp-content/uploads/2022/10/banner-quem-e-desk-2.png
162.241.2.245200 OK 296 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/banner-quem-e-desk-2.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 890, 8-bit/color RGBA, non-interlaced\012- data
Size 296 kB (296149 bytes)
Hash b8d6f8dc35b9260d144a044b17fba05f
1bdd4665922a23aa67a442f3dda310d3cfa7fed1
1752f18c4ac9e5a426aa95ff0335b7b0186616569a677abe41b83670c6667aa3
GET /wp-content/uploads/2022/10/banner-quem-e-desk-2.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/wp-content/uploads/elementor/css/post-49.css?ver=1669730399
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:58:55 GMT
accept-ranges: bytes
content-length: 296149
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12400
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 22:25:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:43:43 GMT
age: 52884
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/Depilacao-a-laser.png
162.241.2.245200 OK 168 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/Depilacao-a-laser.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (168430 bytes)
Hash 710459297d68ffc5a1ff6560cbce3445
940872426c86c06a30b39255d441df56c3dedf8a
55c208a29fb4a591f3ae0192a74d7333e0c8c95d8bb1fece63d72fd55b2f450e
GET /wp-content/uploads/2022/10/Depilacao-a-laser.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:53 GMT
accept-ranges: bytes
content-length: 168430
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b0065d160e7dbd17cf58f2c837b45a7
0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f
833c0a39ed1d9dcfa4a22f201d06d085e5131121810e98d5e79dd6f84e8fe436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4782
x-amzn-requestid: 98b5d5ca-7590-4756-9b92-3fb327ecc97b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsANG8koAMF_Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-546b61a82a8b952f664346b9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ncXSPf1et6vSgEBmWwY_PperGXmgJGEx0hlLr0lhN6XHi0RLRr6WCA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:05 GMT
age: 2282
etag: "0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/Tratamento-de-Estrias.png
162.241.2.245200 OK 197 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/Tratamento-de-Estrias.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 197 kB (196762 bytes)
Hash 15df8f9d22ecccc19e7c38eb022d23b6
e106e56e827a7fc2999eb7744c01ddc7361c4fa2
b7fe5464e561de3e553ddaf1a970c6581bc17f1166cd7bf368106953946997a6
GET /wp-content/uploads/2022/10/Tratamento-de-Estrias.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:53 GMT
accept-ranges: bytes
content-length: 196762
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 2281
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/limpeza-de-pele-oficial.png
162.241.2.245200 OK 192 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/limpeza-de-pele-oficial.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 192 kB (191802 bytes)
Hash 6c70bc054989df89a8f3f8b9a282c935
b71d16c321dd8a00f3d4db432cce88c50660926d
7733139f43eef265ac4d23a225b8ed0bafb36a7fd9293c6f86d15d95e827dea8
GET /wp-content/uploads/2022/10/limpeza-de-pele-oficial.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:53 GMT
accept-ranges: bytes
content-length: 191802
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/desgin-sobran-OFICIAL.png
162.241.2.245200 OK 206 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/desgin-sobran-OFICIAL.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 206 kB (206112 bytes)
Hash 706803f3dfcda96011611abe98223ff6
b32b53a725ffb1429c6fad4028a6f16768af5fc0
6cee72b960b7f5b76d994bb82877b440951bbef537af90d483399172c1be46e3
GET /wp-content/uploads/2022/10/desgin-sobran-OFICIAL.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:52 GMT
accept-ranges: bytes
content-length: 206112
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7717ff9fcf6cf3268d10312dc3fdaaf
c4f05fdb231c7870b2a918198fa0809d8e8f9c89
bf3b6304a45f172653f45e1e8b4afa7da90096ca36c82b981ca6ec01ccf122a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8286
x-amzn-requestid: 6880d30e-3624-402e-819d-610e35ae27d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAG1HIAMF6Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-43f8e7d312f96110713a7092;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XcnZ2pTQoGkuHEPsazEI09yhI6WWbmZD6g7QYW7rDf5HsegvjdgkXg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:00 GMT
age: 2467
etag: "c4f05fdb231c7870b2a918198fa0809d8e8f9c89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/DESP-TATTOO.png
162.241.2.245200 OK 194 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/DESP-TATTOO.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 194 kB (194334 bytes)
Hash 410f3c4de4efe695fe8efec6aa6f7a3a
86d0524ae5024c0d7be41a6c971926be52af1301
447daade025bf826a1c75a0e3bd16f16b1ea3fdcd4f5143e7fb242c5d28ec946
GET /wp-content/uploads/2022/10/DESP-TATTOO.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:52 GMT
accept-ranges: bytes
content-length: 194334
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 2106
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/design-sobrancelhas-sem-fundo.png
162.241.2.245200 OK 221 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/design-sobrancelhas-sem-fundo.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 221 kB (221053 bytes)
Hash 8714beb75bdafcebeed983c1c8baf333
d605960972a2f01f53839b1de8aa89aa79e191b3
52df17d548d5676e11651e2f73bbc05c2c70d036a71ffc1b5eeaeae84c94e4cb
GET /wp-content/uploads/2022/10/design-sobrancelhas-sem-fundo.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:52 GMT
accept-ranges: bytes
content-length: 221053
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/labial-oficial.png
162.241.2.245200 OK 236 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/labial-oficial.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 236 kB (235764 bytes)
Hash 312b098941cea121ed7fd56ae6b258c2
1df5ef65111b1e49fa27326cbb6308cfdf86676a
3f854f5992dbf864b5dd44ca5e0df10b4a379efc6779730e881bfc8b454bf70d
GET /wp-content/uploads/2022/10/labial-oficial.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:52 GMT
accept-ranges: bytes
content-length: 235764
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 2466
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/micro-sobrancelha.png
162.241.2.245200 OK 232 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/micro-sobrancelha.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 232 kB (231716 bytes)
Hash c7046c487710b5501879c8b9e48262da
0d6cfc8726500f53e6b662532d48f79b88702eb1
c28ea4d4aed55979b8dbfc56adc34a8a24ce9e6645a6c1411afe064a4973ecf1
GET /wp-content/uploads/2022/10/micro-sobrancelha.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 20:41:51 GMT
accept-ranges: bytes
content-length: 231716
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/banner-desk-3.png
162.241.2.245200 OK 770 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/banner-desk-3.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 788, 8-bit/color RGBA, non-interlaced\012- data
Size 770 kB (770249 bytes)
Hash 850cecce95634468251d0317abe368ff
0953fc2ceaaf0fc8d663f091fbb1b4e8d89bc916
c0858fcc6e59f73167ae0b9afdef6adc64877306a4cb09185350c41a0015b2ae
GET /wp-content/uploads/2022/10/banner-desk-3.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/wp-content/uploads/elementor/css/post-49.css?ver=1669730399
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:58:54 GMT
accept-ranges: bytes
content-length: 770249
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/BANNER-END-DESCK-3.png
162.241.2.245200 OK 902 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/BANNER-END-DESCK-3.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 614, 8-bit/color RGBA, non-interlaced\012- data
Size 902 kB (902485 bytes)
Hash 8b75b73659e2bb43ee66fb91202af940
57d3cbf783faa7960a23081e3be534cfbd3b3531
7b972af36fb6e6ad68443a7343a7e8680907ab8e5941ee7a631b4ba1d46e1530
GET /wp-content/uploads/2022/10/BANNER-END-DESCK-3.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/wp-content/uploads/elementor/css/post-49.css?ver=1669730399
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 19:58:58 GMT
accept-ranges: bytes
content-length: 902485
content-type: image/png
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
162.241.2.245200 OK 1.5 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3469)
Hash 3e99778bd522a444b1e2a51165786a48
cd130fc521331908a1d3b5f3964cf137bca8ea5e
a429d64ed5e5613d0b8a045a42f796bf274ec659ac425d2eb834ee6f65a66c48
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1516
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
162.241.2.245200 OK 672 B URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1320)
Hash 5f85ff70751022d9a40cd74af8442590
415ba307affa2c6902887d4c80210fab2a4142e2
b5e4481c6804a6e26ad98848e67db06491b6489fa96b8e606fc708e8d793f631
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 672
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:07 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
162.241.2.245200 OK 11 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28962)
Hash 312df676d231bb9cfa1ef73ddb032af3
4d68620bde9fd966f4cc6a2e840e991a446035f6
59e383b5fc450db18ce32143e9cac866dc6f6592d1d604bb4b95c62ece7a2062
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/lightbox.2d166d71ba2a6a9e66fd.bundle.min.js HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11358
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:07 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.6
162.241.2.245200 OK 1.2 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.6
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2620), with no line terminators
Hash 55936584085d0d310919b755eda1ab3f
be317c3b2ed5143669375295b3107e591bf708da
aad2265c39cafa6e01b791b1ef5025a2d237ee91346ef446beb722fdcd578d58
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.6 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1187
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:07 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
162.241.2.245200 OK 4.2 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10544)
Hash 552977febe8ef2c71b0806dfaefd2552
01baebfd09383c5d44f066e7b5540fcca6a5eae4
7895907f5a4f54c08c4705b1a194e21c556d68027c5e0a70d4c05b377e712b1d
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 12:30:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4200
content-type: application/javascript
date: Sat, 03 Dec 2022 22:25:07 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/cropped-logo-sem-fundo-1-192x192.png
162.241.2.245200 OK 35 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/cropped-logo-sem-fundo-1-192x192.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 133dae5999d00d488700660807855620
edd21dd6266a47dc48e58ea65e614407035d58a5
772ea91053de849f2547aedd83843f877e1d494f121a4e881dff742c469b4a7f
GET /wp-content/uploads/2022/10/cropped-logo-sem-fundo-1-192x192.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 20:23:34 GMT
accept-ranges: bytes
content-length: 34916
content-type: image/png
date: Sat, 03 Dec 2022 22:25:07 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-content/uploads/2022/10/cropped-logo-sem-fundo-1-32x32.png
162.241.2.245200 OK 1.5 kB URL HTTP/2 clinicalorraneiack.com.br/wp-content/uploads/2022/10/cropped-logo-sem-fundo-1-32x32.png
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e59874d41f4e6f950723c1c8382725f7
097d5e353ddd32d39a2bef165288003907d18ace
b9d82f241d0a03a24becb077b8827a98e3a5d7a17f8f2470f93e3d83bda793e0
GET /wp-content/uploads/2022/10/cropped-logo-sem-fundo-1-32x32.png HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 23 Oct 2022 20:23:34 GMT
accept-ranges: bytes
content-length: 1509
content-type: image/png
date: Sat, 03 Dec 2022 22:25:07 GMT
server: Apache
X-Firefox-Spdy: h2
clinicalorraneiack.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.241.2.245200 OK 0 B URL HTTP/2 clinicalorraneiack.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.241.2.245:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: clinicalorraneiack.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clinicalorraneiack.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 14:40:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 03 Dec 2022 22:25:06 GMT
server: Apache
X-Firefox-Spdy: h2