track.dublicitly.com/ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3
303 See Other 275 B URL HTTP/1.1 track.dublicitly.com/ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3
IP
ASN #29119 ServiHosting Networks S.L.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash c9b37e027782770fc0c9cbb4ef83d63b
8c0742d49b1e408017f7ad2ae2de980e9a9ab5b7
971222704ffd77e74abb5e66296b729091d3fa6e19f0687f997a082f638e15fa
Analyzer Verdict Alert fortinet Phishing
GET /ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3 HTTP/1.1
Host: track.dublicitly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Thu, 22 Dec 2022 23:12:43 GMT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-cache, private
Location: http://igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3=
Content-Encoding: gzip
Age: 0
Vary: , Accept-Encoding
TP-Cache: MISS
Content-Length: 275
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5022
Expires: Fri, 23 Dec 2022 00:36:25 GMT
Date: Thu, 22 Dec 2022 23:12:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6568
Expires: Fri, 23 Dec 2022 01:02:11 GMT
Date: Thu, 22 Dec 2022 23:12:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 22:46:05 GMT
content-type: application/json
age: 1598
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5465
Expires: Fri, 23 Dec 2022 00:43:48 GMT
Date: Thu, 22 Dec 2022 23:12:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MFKfj7R77SIhk+TaQUM0O78v/i9wOA121da6TgtnTmDjvbSIj0yPNkklZyCEPqJty2Z5UZ+u4hw=
x-amz-request-id: 0H5MNKJWN5P75K6W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 22:55:57 GMT
age: 1006
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3=
302 Found 317 B URL HTTP/1.1 igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f8813964aa860f3c092499cdc1cc2a21
0f81cd0ae0ff003d6eca17dab83b711cbcd9f1cb
1d6517f17c50ca9189db89c709b8961dd3939166994c396169a110ef39581667
GET /aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3= HTTP/1.1
Host: igoal.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 22 Dec 2022 23:12:43 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 317
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3=
Pragma: no-cache
Access-Control-Allow-Origin: *
X-Request-Id: 6e9456466a8b900c0bb1dfa614da2a80
Access-Control-Allow-Headers: Tune-SDK-Version
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 23:12:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 94c68399855018fdbd5d176ef907625e
e9b1574d8a4055d6c08742cc191b4f4ccdee69a4
d588abd27634a5acea29e32c3edc6124b99e3356533c4c0311a129ece6d84a4f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150173
Date: Thu, 22 Dec 2022 23:12:43 GMT
Etag: "63a4862f-1d7"
Expires: Sat, 24 Dec 2022 16:55:36 GMT
Last-Modified: Thu, 22 Dec 2022 16:30:39 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YUREqLqi42jLHNogKEaiYWKMe54nsKB3-wlFXF15l9LdmGGUbRMDPA==
Age: 1497
igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3=
302 Found 246 B URL HTTP/1.1 igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bc0da7c55dfe8ab7fb763c80ce47494e
41693e9a2bbec16d5623fcf67f51d4a95cf7ab3c
8d6e81aa9d09deafa2f614cd6728c27b7570c367f6376be1d0da5e547e5009f5
GET /aff_c?offer_id=5311&aff_id=1269&aff_sub=M2022122223-41a22cd80faeab9ff0135c56da713d25&aff_sub3= HTTP/1.1
Host: igoal.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 22 Dec 2022 23:12:43 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 246
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://campanha.protestemarketing.com.br/engine?mktcode=HCKB04
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_5311=ENC032dcf4a5775b278fcf077b162e152f3e43d809bb5c076d9bd806334df77bc75f439518fd8b56b72ec0bad5900a81ee303e41fa72a2d3d3097559cd266e817b7760f33f5daa44e85c3e4ebf827824c9cb0579ae8a18c9edb7847d42a674a9984d389befd401bba8e62918a4b1b5a9c11ca4ab83fddefd8749f6f522085f6a9d65fd6873402903a8fdeb74c8f9f40f8226364e8e66cfa69826df2fcf705e09c2a031d4c7899; expires=Thu, 29 Dec 2022 23:12:43 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 16 Nov 2025 09:52:43 GMT; path=/; SameSite=None; Secure
Tracking_id: 102a1652a8c8f69e620ce7f3361215
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 5ee158f21d39115b8f600cca588f9f22
Access-Control-Allow-Headers: Tune-SDK-Version
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 23:08:02 GMT
age: 281
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1786
Cache-Control: max-age=123832
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:44 GMT
Etag: "63a41e2a-1d7"
Expires: Sat, 24 Dec 2022 09:36:36 GMT
Last-Modified: Thu, 22 Dec 2022 09:06:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
campanha.protestemarketing.com.br/engine?mktcode=HCKB04
302 Found 262 B URL HTTP/1.1 campanha.protestemarketing.com.br/engine?mktcode=HCKB04
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d0b62b7cf01aae6645b1be130efa9512
201f29356f427a6f92fc9c85a2a7a41f43e6cd42
a41c1961aaec86a22891918fde0bc39f7e5f67bb4243ea078d56e4373efbc103
GET /engine?mktcode=HCKB04 HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 22 Dec 2022 23:12:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Location: /oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
Set-Cookie: ASP.NET_SessionId=rgmhcuulekplkjuxqxm0dlwo; path=/; HttpOnly; SameSite=Lax
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGZmclv1lPSASUtdBRkQE7PYcV8ifHVx4oqX%2B10D8Sd%2BTA4EzRYUbro3R%2FelwtCH2kQnj1ejB3Heua6jEj2ZxejlKE5sf1XC3LhuVpGlUbd529EbYSnT6EEzewOL%2Bg5yoxiKZJxqH3WI5y%2BLwdEmtk%2B%2BkOo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77dc8b420ec5b523-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GyKLN5bMPbzCCScn4kwo8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nMRIbfdvYSg41lsRhXQcaR+79RM=
campanha.protestemarketing.com.br/oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
200 OK 2.8 kB URL HTTP/1.1 campanha.protestemarketing.com.br/oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (477), with CRLF, LF line terminators
Hash 38e53293125beffb7c2322cd459fbb0b
16ac46fd9a73ef11237ec5c06ece89f26259a689
6ed448ce39cb61bd686b647f6a6770974bd8f17ed2310b52559b8acb2aef1609
GET /oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1 HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: ASP.NET_SessionId=rgmhcuulekplkjuxqxm0dlwo
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 23:12:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DTookUzvFcv81EKF%2FJCQFqmFIJrokEmm673oVo1m5CSGrJeRI3zdibT5qowedPQiZ%2FdFHSifiiccJXEhPZ%2F3qibi9c0jKLs93E6cZB7AMbYE22s3HPf7SwCr0c69p3AE9KWRKDChSW05DjiJ4lCt9s21cQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77dc8b4549b1b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/aos@2.3.1/dist/aos.js
200 OK 4.7 kB URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.js
IP
File type ASCII text, with very long lines (14239), with no line terminators
Hash 53922d1d7f8f0766093f89620edde33a
ee94d79457c713aa95abac6e931363f87023b24e
d350073e103590de43e1595f83b66581e55734475dec62a2801793ea01d7bf0a
GET /aos@2.3.1/dist/aos.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
via: 1.1 fly.io
fly-request-id: 01F3YGTK14BN7YR0KMC99B0BKK
cf-cache-status: HIT
age: 21061540
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77dc8b4868a8b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c179e3bf10e48b91c4060c442b264bcd
daeee1d734808f6547d15b0510b5c6fe22492a57
3dc99f53eb26892c18928210333734a85ebde979f46adec8b57fbdf8eb9f5a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:44 GMT
Last-Modified: Thu, 22 Dec 2022 21:33:38 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtm.js?id=GTM-KLL3N3
200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KLL3N3
IP
File type ASCII text, with very long lines (2595)
Hash c43fe8e639d179669d83b7d2074565b4
a3bd5127ded5a5f411c1437d8e3cbbca31ac346d
c6fb964e1b77a90b31928013f903fdf387c7dc2b454a92215ffe6f588c5813c4
GET /gtm.js?id=GTM-KLL3N3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Dec 2022 23:12:44 GMT
expires: Thu, 22 Dec 2022 23:12:44 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP
Hash f8cf1deef414a8858cdcb7a29d6ff117
7a3e205b9eba810f22eb2230bee8ec47ad219b61
246835e0cfe54a11c502b460b31a41b34b3d89858dd5d525c360b5a3e92fe146
GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Dec 2022 23:12:44 GMT
date: Thu, 22 Dec 2022 23:12:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c179e3bf10e48b91c4060c442b264bcd
daeee1d734808f6547d15b0510b5c6fe22492a57
3dc99f53eb26892c18928210333734a85ebde979f46adec8b57fbdf8eb9f5a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:45 GMT
Etag: "63a22102-116"
Server: ECS (amb/6BA7)
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash c179e3bf10e48b91c4060c442b264bcd
daeee1d734808f6547d15b0510b5c6fe22492a57
3dc99f53eb26892c18928210333734a85ebde979f46adec8b57fbdf8eb9f5a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=164501
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:44 GMT
Etag: "63a4c401-118"
Expires: Sat, 24 Dec 2022 20:54:25 GMT
Last-Modified: Thu, 22 Dec 2022 20:54:25 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
campanha.protestemarketing.com.br/Scripts/func_js.js
200 OK 1.4 kB URL HTTP/1.1 campanha.protestemarketing.com.br/Scripts/func_js.js
IP
File type ASCII text, with CRLF line terminators
Hash 50038c1eb358ac4065f501a4c80d237e
3dcb478fd68dd21bfb43ce3ddb30657f333c870a
aaf7e0a085bec379f214b7bca343149c575524335c179aa771b82dfc41801e7c
GET /Scripts/func_js.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=rgmhcuulekplkjuxqxm0dlwo
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 23:12:45 GMT
Content-Type: application/javascript
Content-Length: 1368
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2018 15:00:55 GMT
ETag: "d86a1233e16ad41:0"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mgFVIzkfLWnRjR8j56GBqgWvt6eMm8cFnTEnHa3OhvwtZ9UUorxw35jykHw2%2BwM6vi7BoN0KWBS7cXHS7jAuxf9GIca%2FYH394qo6TggXcAgkn0n45tHKk0DIU3DFSiEShiAMBu6%2FwbCiOBXwTzPJyC%2FMFU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77dc8b481c03b523-OSL
alt-svc: h2=":443"; ma=60
campanha.protestemarketing.com.br/Content/colorbox.css
200 OK 1.3 kB URL HTTP/1.1 campanha.protestemarketing.com.br/Content/colorbox.css
IP
Hash 74ff6e043a7dfe18d466e0e36ba80ce8
c182f401d8ab26a6220c20e5d6549e21766beb16
445b83e34d22e5af3d6c5f6b8d37f01f159f86a1409a05e4cd38eea91e89d591
GET /Content/colorbox.css HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=rgmhcuulekplkjuxqxm0dlwo
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 23:12:45 GMT
Content-Type: text/css
Content-Length: 1275
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 13:20:21 GMT
ETag: "fa4ec4f25386d41:0"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FayWbGbG10J%2FnV6DrgDgoETquS8mcpV8HUCHGqUt94%2BmNKMFM3w9O6pb7I2UnLxwgv9949L%2F%2FOa9Z%2B3aGaV58Oxjl8QKR2D3QsF94cWyHoHPjCJqhCXCAqpvfigrExWpMLftb38hB0OvjT02x5r6PT42W8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77dc8b481df3b527-OSL
alt-svc: h2=":443"; ma=60
campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js
404 Not Found 681 B URL HTTP/1.1 campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
GET /Scripts/colorbox/jquery.colorbox.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=rgmhcuulekplkjuxqxm0dlwo
HTTP/1.1 404 Not Found
Date: Thu, 22 Dec 2022 23:12:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fonyi%2FKUgWgH%2Fhs75bgou12VeIyhthJnPkNoJPq%2BuE0PWqmwGfd4k8WFF3GoJNS9KaS402LMzPNTCLosrx2v2xeO8gbjcnyL8NXrl0pRXU5dj8NOU07Qj7XVU3F4Td4S6hAYcj51LbHbJiYvDYWoCZ8QmLs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dc8b481c0d0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16949
Expires: Fri, 23 Dec 2022 03:55:14 GMT
Date: Thu, 22 Dec 2022 23:12:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16949
Expires: Fri, 23 Dec 2022 03:55:14 GMT
Date: Thu, 22 Dec 2022 23:12:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16949
Expires: Fri, 23 Dec 2022 03:55:14 GMT
Date: Thu, 22 Dec 2022 23:12:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16920
Expires: Fri, 23 Dec 2022 03:54:45 GMT
Date: Thu, 22 Dec 2022 23:12:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16920
Expires: Fri, 23 Dec 2022 03:54:45 GMT
Date: Thu, 22 Dec 2022 23:12:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg
200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37ffea06e6cf128e4e43c662f4e8ad21
2d7b97172e7a0481a6eb1ccf0aa970d8934b2146
54a17f81719e2113d10e4bfadda1770b2f7d7827d6dc718327a1e469a4e07eca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2495
x-amzn-requestid: 9fe89a74-d6ce-4c60-94d6-42f3ff69a1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqH68IAMFYGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-3c64c13f25da86714b698121;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Kef1NLYhKCghYCOvNnZJds6d4BT1mBXOt3MPN2Y-ysiGoVuTTSiGUA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:36 GMT
age: 5649
etag: "2d7b97172e7a0481a6eb1ccf0aa970d8934b2146"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86c588ce8a5cde9b24e6f80343cf7c14
014622b9d2cac3527649ed02a7615897d08e5fe8
2ca9290c5c7ce52bd26e94c37c73a3e85a3cd22f80c39f447ea6fa0eb83f1766
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 865fc5a0-a122-4625-bc1c-a7ed04fbdb1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhcOAHfDIAMFR3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3a726-183035205ffc38482c286a4b;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 00:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hnYExdSSesGisF7bfrDfSNapm3ABFi5zaXbomSOhH3-wfTdADjViTg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 16:15:14 GMT
age: 25051
etag: "014622b9d2cac3527649ed02a7615897d08e5fe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unpkg.com/aos@2.3.1/dist/aos.css
200 OK 5.6 kB URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.css
IP
File type ASCII text, with very long lines (26053), with no line terminators
Hash f2b925a5addacb57bff54ca5a8c6e900
5ac9b64d6e997d175473f024ab851daf0d6549a8
930da99ee9a7708965ecfbd07ce8417cef6e50e61fc6332d50211216222f544c
GET /aos@2.3.1/dist/aos.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:44 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
via: 1.1 fly.io
fly-request-id: 01G754J040XBCARD93ACQA76A4-fra
cf-cache-status: HIT
age: 14794437
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77dc8b48589fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61b1b9ece5581fe0b212144f45243f1a
d161c613f1491ae6ab63b536c50c6630e80d6382
f5a2b23b66a05734b86755986573c07c5f75bc6cbe67d2b769aee9ef402b2c14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7117
x-amzn-requestid: 470b959f-7f5f-4a64-8d8d-bfc91856fad2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUnBBFhZIAMFhiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8539-3916bad034c86d5503e456f2;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: n0BaTqs_U_Apyf2luwRS_FHBH-Tkf6NEq59S3IwJxBiiROghmg1yvg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 06:25:06 GMT
age: 60459
etag: "d161c613f1491ae6ab63b536c50c6630e80d6382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47ee94a5-9c56-4939-b124-56487f665b25.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47ee94a5-9c56-4939-b124-56487f665b25.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 187fd7f19c2b5452c58da85ac9010790
ae6a889ca7a320d976dd68c00cfe9fbd9e4b20be
a4baaa24e3ec3d41805bf1fe31f7d8c8572f7339950f65f356d9bdd8b101fa80
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47ee94a5-9c56-4939-b124-56487f665b25.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11460
x-amzn-requestid: e44d67f8-de86-44d3-8c81-30f8f9165623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkVD-EK5oAMF3eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4cee6-040b15d4132e0af7118d6217;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:40:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y_HOu1dDbdlkh8mU2QQwmIwiddfI8ZplWJbk8WBJcehxIeppmfzxsw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:50:19 GMT
age: 4946
etag: "ae6a889ca7a320d976dd68c00cfe9fbd9e4b20be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96a126d8ae1c913ce8e756744ccc5436
733507091d3da02e963fa7e3e86e8ccac9dd0201
06e0f305ba90ef771ddb9f9ef0f68b1809df7581d23f80f364dff0197ed76076
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6480
x-amzn-requestid: db9db216-ecae-44cd-b013-48f6a0b37d5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOiR6FgKoAMF9JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c173f-64e1b6984203f55d4a359cdb;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 06:59:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eFn2M6kZ706R47EKgHnavH9Zq9gEXdB5AbXT86uiULTfn6ttPdu_Pw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 08:57:46 GMT
age: 51299
etag: "733507091d3da02e963fa7e3e86e8ccac9dd0201"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.selecoesbrasil.com.br/LpProteste-bp-ago2021-Icone01Burocracia.png
200 OK 5.5 kB URL HTTP/2 img.selecoesbrasil.com.br/LpProteste-bp-ago2021-Icone01Burocracia.png
IP
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash a7b121a11faa63765fb2f406673599d1
9defa3e1d10d5672dd79cb34f095df6f274ab9d0
6414f078cab7777372fc351f08078dcbfc08c8bc51917f95110108996f2aa387
GET /LpProteste-bp-ago2021-Icone01Burocracia.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:45 GMT
content-type: image/png
content-length: 5480
last-modified: Thu, 12 Aug 2021 17:56:30 GMT
etag: "09bf760a38fd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBvy1uL89nVStHgyOg23oQ8j9J2KCa2NuwR7xJ9v6Mfw8R66BChEv%2F5U0FbdNUAMw9LXzAvk9nEb5C9BaaH1bEMCP451Rv9i7AZTFc%2Bh2mAcw6SfU1QaV8ZofO9saUImyeCW8TpqpKuHr7sF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dc8b4949c6b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.selecoesbrasil.com.br/LpProteste-bp-ago2021-Icone03Mundo.png
200 OK 6.8 kB URL HTTP/2 img.selecoesbrasil.com.br/LpProteste-bp-ago2021-Icone03Mundo.png
IP
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 335429ff7bf72b1181abb179eaf040f3
37549e475c2e108cfd91c5f8e90319524d7e090b
11ce70e5f79a2abbab97ea78fe4278b2a04ff0902503a466f92714adb3d01c85
GET /LpProteste-bp-ago2021-Icone03Mundo.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:45 GMT
content-type: image/png
content-length: 6758
last-modified: Thu, 12 Aug 2021 17:56:10 GMT
etag: "0d9b55a38fd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4cfURgAWs0lbODgnthCpp5vttvn%2BIFPp%2FpoLsRLuBGD2RV8RgzXUXhipmaRQyHUJ8UcLakmUzjRk%2BumXbaDFgPIIdwEvlKzAvE%2BqL7P%2FcVjc%2F%2FeGuF49vbC5wcIKRQ2OtkGLl12xa%2Bfduny"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dc8b4949c7b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c179e3bf10e48b91c4060c442b264bcd
daeee1d734808f6547d15b0510b5c6fe22492a57
3dc99f53eb26892c18928210333734a85ebde979f46adec8b57fbdf8eb9f5a96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:45 GMT
Last-Modified: Thu, 22 Dec 2022 23:12:44 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
img.selecoesbrasil.com.br/LpProteste-bp-ago2021-LogoProtesteBox.png
200 OK 18 kB URL HTTP/2 img.selecoesbrasil.com.br/LpProteste-bp-ago2021-LogoProtesteBox.png
IP
File type PNG image data, 550 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 179b331a5fc356db0799553c4a6d19b7
7f1b591c8e922fb393429c2ac56eaabbeac76560
5bc925d85787166dbf59d80dfbc52926408a12098e8b733327f2eebee5c8faf8
GET /LpProteste-bp-ago2021-LogoProtesteBox.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:45 GMT
content-type: image/png
content-length: 17941
last-modified: Thu, 12 Aug 2021 17:21:56 GMT
etag: "052c48c9e8fd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57T8e36qd8blaD%2B%2FMndSxYII%2FV7nNztTtyuo3Vn8oDEJBgz6SDS5v9GURIqamaSBazQ94ibH5AFkK4pq9wLK0DkcBf%2BEug3Tn%2FlTrA5ghlmiNQr92y9Kvx4GCkQXh6xEpC8BamLxXkoIRwwj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dc8b4949cfb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js
404 Not Found 681 B URL HTTP/1.1 campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
GET /Scripts/colorbox/jquery.colorbox.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=rgmhcuulekplkjuxqxm0dlwo
HTTP/1.1 404 Not Found
Date: Thu, 22 Dec 2022 23:12:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT86a8ybYnN95%2FnywizUZshK027IlN9DDX6F06qAtjF6jxD%2FaoxgytMpHZr0mDC33VkQLwsGFqEMbwvZHguMN9LvMG53rwzJc8nMbs17FYGCql9xL8aRVmgaAO7Ps6A27g1nzpxU1cz7UqgecqaGrUngjyc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dc8b4fdd7bb527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.selecoesbrasil.com.br/LpProteste-bp-ago2021-imageHeaderCartao.png
200 OK 94 kB URL HTTP/2 img.selecoesbrasil.com.br/LpProteste-bp-ago2021-imageHeaderCartao.png
IP
File type PNG image data, 746 x 557, 8-bit/color RGBA, non-interlaced\012- data
Hash 624d68c07d78c40de30741d083a11469
9692c45df76dec566fc401656d1936e491f2479c
69e0c7f8ecceff19a15104f1e5bb5326d1ae8782929c59cd50302b38ae63d6d3
GET /LpProteste-bp-ago2021-imageHeaderCartao.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:46 GMT
content-type: image/png
content-length: 94368
last-modified: Tue, 17 Aug 2021 20:28:02 GMT
etag: "0754960a693d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gyjLayFOe2fGv3bX%2BXdNhGEMyjwe2iXave2PzwbMgieDNsZvNEejlg%2FpDOMUJDbbI3Y5BUIs%2FXFZh0W9avXVLbmjPVChKuP1384fa6g394yYqwiY36uKsANPfM0Q%2FfmtzkRwFcAci%2BWO%2BBB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dc8b4949d2b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:54 GMT
expires: Thu, 21 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 99532
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.selecoesbrasil.com.br/bootstrap3.min.css
200 OK 21 kB URL HTTP/2 img.selecoesbrasil.com.br/bootstrap3.min.css
IP
File type ASCII text, with very long lines (65371)
Hash 48ed8904161cbda9ceed188a340b2703
75742e9ff0619f251c6fd23295635f8f8efc4a8c
8375c9ca71e8775c908a19017fe08f018dab343acec6d01ca1550105dd3e5a9e
GET /bootstrap3.min.css HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:46 GMT
content-type: text/css
last-modified: Sat, 05 Mar 2022 02:32:50 GMT
etag: W/"b055ff4e3930d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdJXc%2FE1CkBN%2BlgdhblOpDDA2HipUZrfsF4hpBoJoWCsi8M%2BzHHCbcVt0NwjI2VaQo7oHxVXPsH2xN7NxnmZMtF77abOMncbJi9Tkbuh%2FbTyYv29rSxUOxClRlVqzD8yawXkXkFV6rrH6VfQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dc8b4979f9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:42:34 GMT
expires: Thu, 21 Dec 2023 19:42:34 GMT
cache-control: public, max-age=31536000
age: 99012
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:56 GMT
expires: Thu, 21 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 99530
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.selecoesbrasil.com.br/LpProteste-bp-ago2021-HomemCartao.jpg
200 OK 502 kB URL HTTP/2 img.selecoesbrasil.com.br/LpProteste-bp-ago2021-HomemCartao.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x818, components 3\012- data
Size 502 kB (501915 bytes)
Hash 9db5d60888264a6f025eabf479428a1c
737df5d829ea3adc75ca9bfba4b38cd5757fe4ce
8a9e4f270479c60f688de2d4ab774d6f9dbf0eacc720420578e8446a36357220
GET /LpProteste-bp-ago2021-HomemCartao.jpg HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:46 GMT
content-type: image/jpeg
content-length: 501915
last-modified: Thu, 12 Aug 2021 17:36:18 GMT
etag: "0158f8ea08fd71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asq4PI1GhZSmbBb0S6jnQJs9xk0TsuPajV0TQYLLqpLytTu7Eya8d59Av2AFqWpahGAHn5QK5%2BLop3spoRi1%2BM%2BfUuPGVLvoy6Midb%2BzCoM3OaNJJNTzpZhdM3sM3PaEyjJpFCkuGLQTLggH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dc8b4949c3b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.selecoesbrasil.com.br/LpProteste-bp-ago2021-MobileApp.png
200 OK 387 kB URL HTTP/2 img.selecoesbrasil.com.br/LpProteste-bp-ago2021-MobileApp.png
IP
File type PNG image data, 1000 x 926, 8-bit/color RGBA, non-interlaced\012- data
Size 387 kB (387436 bytes)
Hash 08a1423d059b84dcd46725e0234da087
57fb12700cef6118dea9af153406f5ff5fb20f40
4d2d4aa273f026885a3982ce12f87097cb16a15c3d785353a4ec8051f5e36cc2
GET /LpProteste-bp-ago2021-MobileApp.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:46 GMT
content-type: image/png
content-length: 387436
last-modified: Fri, 13 Aug 2021 16:55:58 GMT
etag: "0238a166490d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DKAtRgwJSYQUUtU%2BUYV5%2BCbmV99917DZBPfK8%2Bf8U5rVhFgwtwD30PZj5BhpwS%2B5EJTCAZck5SdCsck0a6LUkXfh37V8AvDiy1ieytcFna1iBLFuitCDXyAFUIHX%2BGrqxfaxRHZYvAJlWxc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77dc8b4949c5b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 22 Dec 2022 21:34:02 GMT
expires: Thu, 22 Dec 2022 23:34:02 GMT
cache-control: public, max-age=7200
age: 5924
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a06281b6bb06069d21666372c708f6c0
c7622a20b3fb40dcb00f393382601e95ff59a8c2
8b7f74ecc617d58979a40b30abe40faca246e302528c3fe3d086f339574a7809
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-80454069-3&cid=416486504.1671750766&jid=799657904&gjid=451974757&_gid=810937350.1671750766&_u=YGBAgAABAAAAAE~&z=1640711369
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-80454069-3&cid=416486504.1671750766&jid=799657904&gjid=451974757&_gid=810937350.1671750766&_u=YGBAgAABAAAAAE~&z=1640711369
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-80454069-3&cid=416486504.1671750766&jid=799657904&gjid=451974757&_gid=810937350.1671750766&_u=YGBAgAABAAAAAE~&z=1640711369 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://campanha.protestemarketing.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Dec 2022 23:12:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2823459.js?sv=6
200 OK 8.9 kB URL HTTP/2 static.hotjar.com/c/hotjar-2823459.js?sv=6
IP
File type ASCII text, with very long lines (7679)
Hash 1ddf1671d3467dab17cd82147699bc88
b044bb10de6940d6c91fe0fa520f3d0fa2fe97a5
59a9e313c1e925fe72986dbafd002828446cdded9210f5a7d1164d32131d376a
GET /c/hotjar-2823459.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 22 Dec 2022 23:12:47 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/37f26be51e98e8e7cb6e2bb058261e99
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IxKRc-YZChZdl7HgnGkbkSac9mTTQfbS7C0Z6ilD9ZNpEzT5bHUbSg==
X-Firefox-Spdy: h2
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
200 OK 57 kB URL HTTP/2 d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
IP
File type Unicode text, UTF-8 text, with very long lines (65223)
Hash 2a828be04895e6d8c11a79bb3476e3f4
179fb09686c8ee9880d99792929d8fc1ffdb766c
5aefdf59603e1e9bff53c75224da851e5088dcd3c4a3e5a292d99119cc59496d
GET /js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 56909
last-modified: Fri, 02 Dec 2022 14:05:52 GMT
content-encoding: gzip
x-amz-version-id: 7oSxp.VyXFn1opjxafVUEz1schBCjMdC
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Dec 2022 00:40:28 GMT
etag: "2a828be04895e6d8c11a79bb3476e3f4"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mD-oNiPpA7pfWj-mflgg3zcGGzkKcKyOvnlDMpnmdeqlT-YiuR1SAA==
age: 81173
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a06281b6bb06069d21666372c708f6c0
c7622a20b3fb40dcb00f393382601e95ff59a8c2
8b7f74ecc617d58979a40b30abe40faca246e302528c3fe3d086f339574a7809
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:12:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
campanha.protestemarketing.com.br/img/NGWP_favicon.JPEG
404 Not Found 681 B URL HTTP/1.1 campanha.protestemarketing.com.br/img/NGWP_favicon.JPEG
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
GET /img/NGWP_favicon.JPEG HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=HCKB04&eid=22123359023921&edmid=53D6CAF74176D1ECAD7F1FE6FD5382FD&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=rgmhcuulekplkjuxqxm0dlwo
HTTP/1.1 404 Not Found
Date: Thu, 22 Dec 2022 23:12:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0gT4Gd6D6AQCbUAf%2FXdc1p%2BJL2wAT8g8ujtPcobcGr7bUdfqwc469fq0kbjwePu64PG%2FLOLsJvmQIbOCbxi%2B0yOzc4PbeDc6cZeOsdrMKBsDgmby6Ni5VuPqLwnhYSG04KdiFRW8%2B%2BlMjIxrXYEujfcHqA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77dc8b558b42b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c295dea7663cd79db147d3d3c72636c1
6f57fd1301b4098ce6a94d4b462f100e6d73cd5a
fb778306f737857e41a8d3a404e30f4c634f90e490bae11ff1d5630791a65ef4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB778306F737857E41A8D3A404E30F4C634F90E490BAE11FF1D5630791A65EF4"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7445
Expires: Fri, 23 Dec 2022 01:16:52 GMT
Date: Thu, 22 Dec 2022 23:12:47 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash fefcc61ac485019957913b244c1a9246
96aeef15627b8590c21c5a48a8efe44dfe0c11e2
8f8f298656b972d3367b2311efbe2614987cd141c1f3681befc54b2f1178ec82
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Dec 2022 23:12:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Dec 2022 19:05:37 GMT
Expires: Mon, 26 Dec 2022 19:05:36 GMT
Etag: "96aeef15627b8590c21c5a48a8efe44dfe0c11e2"
Cache-Control: max-age=330168,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77dc8b592f71b4f1-OSL
pageview-notify.rdstation.com.br/send
200 OK 36 B URL HTTP/2 pageview-notify.rdstation.com.br/send
IP
File type ASCII text, with no line terminators
Hash 98c5a3f42a8d761c17eccd24956cd46d
5daa6b55aa3d08f96f2789ffdef323b8a748c9f7
e33d4fbc9e67918a9342a8898b182162c6af45f678026b1d38b4b39f60f1778a
POST /send HTTP/1.1
Host: pageview-notify.rdstation.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 99
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:47 GMT
content-type: text/html;charset=utf-8
content-length: 36
access-control-allow-origin: http://campanha.protestemarketing.com.br
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
set-cookie: _rdtrk=c5aed665-f397-4524-9ecf-c2409256bb0c; domain=.rdstation.com.br; expires=Thu, 01 Jan 2032 00:00:00 -0000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
popups.rdstation.com.br/popup/show.json?account_id=122066&uniq=_o9bcjdqh5&ref=aHR0cDovL2NhbXBhbmhhLnByb3Rlc3RlbWFya2V0aW5nLmNvbS5ici9vZmVydGE%2FbWt0Y29kZT1IQ0tCMDQmZWlkPTIyMTIzMzU5MDIzOTIxJmVkbWlkPTUzRDZDQUY3NDE3NkQxRUNBRDdGMUZFNkZENTM4MkZEJnBhZ2U9RDk2NTIzNjQ4MTUxMzdBOSZjb21wYW55PXByb3Rlc3RlJnBnYT0x
200 OK 13 B URL HTTP/2 popups.rdstation.com.br/popup/show.json?account_id=122066&uniq=_o9bcjdqh5&ref=aHR0cDovL2NhbXBhbmhhLnByb3Rlc3RlbWFya2V0aW5nLmNvbS5ici9vZmVydGE%2FbWt0Y29kZT1IQ0tCMDQmZWlkPTIyMTIzMzU5MDIzOTIxJmVkbWlkPTUzRDZDQUY3NDE3NkQxRUNBRDdGMUZFNkZENTM4MkZEJnBhZ2U9RDk2NTIzNjQ4MTUxMzdBOSZjb21wYW55PXByb3Rlc3RlJnBnYT0x
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 6346e069259dd802eaf247566e2f4368
03783069db6874744910cd5a92636f22529c6328
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
GET /popup/show.json?account_id=122066&uniq=_o9bcjdqh5&ref=aHR0cDovL2NhbXBhbmhhLnByb3Rlc3RlbWFya2V0aW5nLmNvbS5ici9vZmVydGE%2FbWt0Y29kZT1IQ0tCMDQmZWlkPTIyMTIzMzU5MDIzOTIxJmVkbWlkPTUzRDZDQUY3NDE3NkQxRUNBRDdGMUZFNkZENTM4MkZEJnBhZ2U9RDk2NTIzNjQ4MTUxMzdBOSZjb21wYW55PXByb3Rlc3RlJnBnYT0x HTTP/1.1
Host: popups.rdstation.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
content-type: application/json
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=7776000
x-frame-options: sameorigin
content-length: 13
date: Thu, 22 Dec 2022 23:12:47 GMT
X-Firefox-Spdy: h2
d335luupugsy2.cloudfront.net/js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js
200 OK 0 B URL HTTP/2 d335luupugsy2.cloudfront.net/js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js
IP
GET /js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 12:44:27 GMT
x-amz-version-id: fwNjtdA6XZb3n0h136oekWU12ELDcyI.
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Dec 2022 23:12:48 GMT
cache-control: no-cache
etag: W/"42fe7ec5ef271ecfe3597b1c25238c8b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1VSZsJ7qU-dlxyvjadd3VP5uimyZrHi32WAloyh2edoFUcYWvJoIeQ==
X-Firefox-Spdy: h2
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
200 OK 0 B URL HTTP/2 d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
IP
GET /js/traffic-source-cookie/stable/traffic-source-cookie.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 14:58:51 GMT
x-amz-version-id: _DcRcF.3JZ4tSr0ScmnT0Msp3iEBkteK
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Dec 2022 07:48:25 GMT
etag: W/"60c4a92725ecad7b22391e314ecef104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1JBtMGGOaNkvvjCS_F4l6XTmZOUaPnsg5XEhV0HNADP-rrhmx8RQyQ==
age: 55463
X-Firefox-Spdy: h2
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
200 OK 0 B URL HTTP/2 d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
IP
GET /js/lead-tracking/stable/lead-tracking.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Dec 2022 11:37:34 GMT
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N3ZcS_iBfADhu4LoGGJvH3Yx0fUfuBRMiGsttbPYPZLBuQ7YMI5bhw==
age: 41741
X-Firefox-Spdy: h2
img.selecoesbrasil.com.br/EdmProteste-bp-set2022-style.css
200 OK 0 B URL HTTP/2 img.selecoesbrasil.com.br/EdmProteste-bp-set2022-style.css
IP
GET /EdmProteste-bp-set2022-style.css HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Dec 2022 23:12:45 GMT
content-type: text/css
last-modified: Fri, 30 Sep 2022 13:45:21 GMT
etag: W/"a7fd47e2d2d4d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfHtrIPxA5sVSTiQk8SpMJIcTeS3d6yQc69aQYJeAe52tDkIbKOSYJYyFEIlyX%2FCn6Eg6OALOTZ6Qn3MJcPDFsJyrGieXDhRwyJzcjiNTcThEO1GMIJ7osHRujWVmXOW9Pbs%2FfMqxqTxA4Qn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77dc8b4949c2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
185.103.37.70
143.204.42.88
104.16.126.175
52.210.2.133
93.184.220.29
23.36.76.226