IP104.18.38.233:0
Hasha2e95185275b3eda2f5d3236c737049c 0b1f943f64046070603406ef2ea23fe3d76ccb30 0bc7205dda0d40f2d85f253b90f2774b28afc854febed48232812ca0c653928b
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 May 2024 00:26:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 10 May 2024 14:01:54 GMT
Expires: Fri, 17 May 2024 14:01:53 GMT
Etag: "0b1f943f64046070603406ef2ea23fe3d76ccb30"
Cache-Control: max-age=566704,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881e0a24e8727131-OSL
|
| www.missal.pr.gov.br/storage/downloads/cotacoes.exe | 191.37.196.228 | 200 OK | 12 MB |
URL User Request GET HTTP/1.1www.missal.pr.gov.br/storage/downloads/cotacoes.exe IP191.37.196.228:443
CertificateIssuerGoGetSSL Subject*.missal.pr.gov.br FingerprintAD:C9:09:95:7E:64:BA:75:64:41:61:B0:6C:59:0E:A4:2A:09:AB:9B ValidityMon, 05 Jun 2023 00:00:00 GMT - Fri, 05 Jul 2024 23:59:59 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, 9 sections Size12 MB (11450368 bytes) Hash07828df777268f2a08c454c6d9e50255 fdcdefc1675d4ee79892b96363dbee6b253f1a91 4e0a37bf527c898c93e73041d55bc83c9674a521e40d223f0327f9fd97bc67b7
Analyzer | Verdict | Alert | VirusTotal | suspicious | |
GET /storage/downloads/cotacoes.exe HTTP/1.1
Host: www.missal.pr.gov.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 May 2024 00:26:48 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Security-Policy: default-src 'self' data: https://cdn.jsdelivr.net https://*.googleapis.com https://*.google.com *.youtube.com https://stats.g.doubleclick.net *.facebook.com *.cloudfront.net https://i.vimeocdn.com https://www.google-analytics.com *.gstatic.com https://www.googletagmanager.com https://www.sympla.com.br https://connect.facebook.net https://maxcdn.bootstrapcdn.com http://player.vimeo.com https://secure-b.vimeocdn.com *.typekit.net *.tile.osm.org 'unsafe-eval' 'unsafe-inline' blob:
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Last-Modified: Wed, 06 Feb 2019 18:50:00 GMT
ETag: "aeb800-5813e316c7151"
Accept-Ranges: bytes
Content-Length: 11450368
Strict-Transport-Security: max-age=31536000; includeSubDomains
Keep-Alive: timeout=3, max=1000
Connection: Keep-Alive
Content-Type: application/x-msdos-program
|