fiduciario.com.br/
301 Moved Permanently 707 B IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET / HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 07 Feb 2023 18:55:07 GMT
server: LiteSpeed
location: https://fiduciario.com.br/
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4361
Expires: Tue, 07 Feb 2023 20:07:48 GMT
Date: Tue, 07 Feb 2023 18:55:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20538
Expires: Wed, 08 Feb 2023 00:37:25 GMT
Date: Tue, 07 Feb 2023 18:55:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 18:34:08 GMT
content-type: application/json
age: 1259
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 18:55:07 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15071
Expires: Tue, 07 Feb 2023 23:06:18 GMT
Date: Tue, 07 Feb 2023 18:55:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gs1Z2d+rI5ONndu9C9OAkuU2KE7g64csuGT9SYPq5lprjB/SzJNKDhKcf7Zfheog5xodaTK/i4wQ7XQIemkIvA==
x-amz-request-id: X3TT8T9QVSPFDHPJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 18:35:37 GMT
age: 1170
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 18:51:19 GMT
age: 228
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5031
Expires: Tue, 07 Feb 2023 20:18:59 GMT
Date: Tue, 07 Feb 2023 18:55:08 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MeU2z7FASEkMG7cCPqqJ9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WUbxly3EBjCSUsMJbQUOwA7RbHg=
ocsp.digicert.com/
200 OK 280 B IP
Hash 639b4ed809597e03ff6fd6297015c2e9
dcfa40acb18ff8b82da6e1a71fe56c5ba344c3e5
4a647643c16b1ffe6b712d3f82e4be2c337cca1f8fe719b49cecf5133c67c18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Last-Modified: Tue, 07 Feb 2023 17:06:18 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 639b4ed809597e03ff6fd6297015c2e9
dcfa40acb18ff8b82da6e1a71fe56c5ba344c3e5
4a647643c16b1ffe6b712d3f82e4be2c337cca1f8fe719b49cecf5133c67c18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4356
Cache-Control: max-age=96152
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Etag: "63e16220-118"
Expires: Wed, 08 Feb 2023 21:37:40 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:04 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 279 B IP
Hash 518d4b693ac64e6388da8e8055ef42e6
a2ffec6c48f4f057a9758fcf7e3e9eee7976e2d0
3fa2a5b09b5924320e577147b9a0c768be8782e7cd853689d5026803e9bc3237
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Last-Modified: Tue, 07 Feb 2023 17:42:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css
200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css
IP
File type ASCII text, with very long lines (57726)
Hash dce08b3c568799f6f6636857e8c9e044
0daaab444c5e84b1280c1aa549658e6550ad9bbf
6ff8c6cdd5d09486d20f8c1cddcc4cc7d1c952bc0680a970912e3e2b8e49cbb3
GET /ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 18:55:08 GMT
content-type: text/css; charset=utf-8
content-length: 10266
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7431-e238"
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1107963
expires: Sun, 28 Jan 2024 18:55:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et21HnZxk%2BrDHTYmpzCCxx7eSBkWvZpo1U%2BYZuHwmOR9wrHbVcXQ04eGMVnYckb61ykC0Cq357ZQEK5ouHsZTzbdWu4yRhbhfSiNZmJHVcaDVpAxElKk3e64CqUJKrveCJb7blaN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 795e568e7e02b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
200 OK 5.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (28900)
Hash 849c0219c80f61d47b93f1ded8c8b0c9
f9a9f5c33e0def15902704e6dd3ba9c05a4da27f
88df3e8ca5ff4830679e00e2817dc6a0832a4c1ba76425a7e522b147e3f675cd
GET /ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 18:55:08 GMT
content-type: text/css; charset=utf-8
content-length: 5324
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7187"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8903825
expires: Sun, 28 Jan 2024 18:55:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dodK4V%2FLBk2Vkivz5a3zDTPBekb1wHYR%2BvAlNsSaI2NO85LnvQJMzHsPKVK1hGwbEfjwR%2BNS7%2FWTpZB5NTVKd4wplnECLMB2zfE%2FCFMpHu8TG2zFlQsO2e3uhmxtLRbssdyHfXZ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 795e568e7e0fb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 518d4b693ac64e6388da8e8055ef42e6
a2ffec6c48f4f057a9758fcf7e3e9eee7976e2d0
3fa2a5b09b5924320e577147b9a0c768be8782e7cd853689d5026803e9bc3237
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3199
Cache-Control: max-age=118043
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Etag: "63e1bc28-117"
Expires: Thu, 09 Feb 2023 03:42:31 GMT
Last-Modified: Tue, 07 Feb 2023 02:49:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP
File type ASCII text, with very long lines (20831)
Hash 368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102
GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 18:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1521559
expires: Sun, 28 Jan 2024 18:55:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcXL%2BVIiJi10QxenJyV9hK5Alzu5vM4WjCDYlxkhIj36ZQtzl6s0PpaIM3%2FD%2BFG%2BhJszdr9nxkUEb%2BIQAyOFlty38a%2Bg%2BXOKPIIGK02FYwGCE0Dj5yU%2BT0xuquUCJ5xfUqwsbBcb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 795e568e8e1bb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 18:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1642567
expires: Sun, 28 Jan 2024 18:55:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38XWJ3ybmslPYNrpBNcJMOgZZgGEUa2bRwYekkwSCBrTle8UfMH7%2F6oXlc2an%2Bb9v5lyBUbidruBFvmCe4DKqrdZPGnUBN5WTQQ%2BybhvFiK3B2zK2otg0s16%2B6mgRgJLZlllzV5N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 795e568e9e35b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-118440947-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-118440947-1
IP
File type ASCII text, with very long lines (1759)
Hash 1b7f334dc2d8bcc30642bb141172ba4e
51041397bfab64b3f46adce99913ec71b954f93c
825f75a82300e19b097933727bb66bd4eb85e7a9c2d76a6aa20de29c831e3d9c
GET /gtag/js?id=UA-118440947-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 18:55:08 GMT
expires: Tue, 07 Feb 2023 18:55:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Feb 2023 18:15:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 639b4ed809597e03ff6fd6297015c2e9
dcfa40acb18ff8b82da6e1a71fe56c5ba344c3e5
4a647643c16b1ffe6b712d3f82e4be2c337cca1f8fe719b49cecf5133c67c18c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4356
Cache-Control: max-age=96152
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Etag: "63e16220-118"
Expires: Wed, 08 Feb 2023 21:37:40 GMT
Last-Modified: Mon, 06 Feb 2023 20:25:04 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
fiduciario.com.br/wp-content/themes/novo-site/slick/slick.css
200 OK 473 B URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/slick/slick.css
IP
ASN #47583 Hostinger International Limited
Hash b985b164c6219d3ac8cfdccbdd0d67c5
583b34f7bd28c70ffd2f2581be3a7c4a6145a2b5
ecbbe1752a918cdd0291688c4b51b576f9ca2a66f1cc0249f8952a5efefba48c
GET /wp-content/themes/novo-site/slick/slick.css HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: text/css
last-modified: Wed, 16 Dec 2020 17:50:05 GMT
etag: "6c1-5fda48cd-6ccb2d73e056f606;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 473
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/slick/slick-theme.css
200 OK 754 B URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/slick/slick-theme.css
IP
ASN #47583 Hostinger International Limited
Hash 26d4e3610ae79b992a59887ba309025c
20d399c87f57d7314b5329d72dd390ec07c420c4
f8f72ac3b1857b2dfc4d983200d6b9c00819240e74fd5c7c26eb6acadbdc2f13
GET /wp-content/themes/novo-site/slick/slick-theme.css HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: text/css
last-modified: Wed, 16 Dec 2020 17:50:03 GMT
etag: "c49-5fda48cb-56abf2d24f277e6a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 754
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/style.css
200 OK 7.7 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/style.css
IP
ASN #47583 Hostinger International Limited
File type assembler source, Unicode text, UTF-8 text
Hash 8cd05f1f02912b3cc33a888692a375ff
ae3273ac264ae5aeb88632fcbfcd4c4f378bc454
8f77047204170337b913ffea866c3abf7fbfc3bcb44d6e15b8f8742da37415b5
GET /wp-content/themes/novo-site/style.css HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: text/css
last-modified: Thu, 06 Oct 2022 17:34:29 GMT
etag: "9ad8-633f11a5-75a1516e384ded69;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7672
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
200 OK 11 kB URL HTTP/2 fiduciario.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (43771)
Hash 3314a848319230ac733421112382eec5
98a167f06a0aa192b28891f8abbb13045a59cb93
491c2c2340db0cace5815f2434013e7fecb5bd9b1d9a721811603d7aaa485fbd
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 22:11:34 GMT
etag: "15b64-62cf4316-7fcbca4eb148dfb9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10703
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 518d4b693ac64e6388da8e8055ef42e6
a2ffec6c48f4f057a9758fcf7e3e9eee7976e2d0
3fa2a5b09b5924320e577147b9a0c768be8782e7cd853689d5026803e9bc3237
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3199
Cache-Control: max-age=118043
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Etag: "63e1bc28-117"
Expires: Thu, 09 Feb 2023 03:42:31 GMT
Last-Modified: Tue, 07 Feb 2023 02:49:12 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiduciario.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.8.2
200 OK 1.4 kB URL HTTP/2 fiduciario.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.8.2
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (2186)
Hash af3e6bf5d0d6f3a381b9d0c5de19a8a0
e6411274eb6ab47c53fc16c7fc5c88dd64e7d07d
25e5ce7a0942e55db7370ac65bb27387735f7a5e3f7d13715846fac229e1f849
GET /wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.css?ver=2.8.2 HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: text/css
last-modified: Wed, 06 Jul 2022 16:05:53 GMT
etag: "1844-62c5b2e1-21ac7a697b3f2cc6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1429
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/dtvm-branco.svg
200 OK 1.6 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/dtvm-branco.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e2b84246d0b5fd3e9f7bb6dac93700b5
3b7ef86559c30ff6d2a5d41c3b0adcd7c9124145
7682376543c4984a0720d73d936e067496b386478a7aa12b1d89e0a30cddf5c1
GET /wp-content/themes/novo-site/img/dtvm-branco.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Wed, 24 Aug 2022 13:13:53 GMT
etag: "10ef-63062411-6344cb9e56739f8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1625
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/lupa.png
200 OK 597 B URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/lupa.png
IP
ASN #47583 Hostinger International Limited
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash aade1b4369db0c40db4c904762eb66bb
a62d649c89969c6be73efd9d0663a65367aaffb3
8479f6831698b326d64b4554159758b3846317455c2ac9ffaa2378932f3a4b9e
GET /wp-content/themes/novo-site/img/lupa.png HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/png
last-modified: Wed, 16 Dec 2020 17:49:53 GMT
etag: "255-5fda48c1-aeb71531d12ed6dc;;;"
accept-ranges: bytes
content-length: 597
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 16 kB IP
Hash b8f9e3b65c17609b63a3bde376b5efe7
2d05f7a5e7e8b617e52fbfbc8de68672ab6053f7
5dfe32817045456edc8273bbb9ad8644c15e87e7236a49cc43e6b37fc036aa7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fiduciario.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 09:40:57 GMT
expires: Sun, 04 Feb 2024 09:40:57 GMT
cache-control: public, max-age=31536000
age: 292451
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fiduciario.com.br/wp-content/themes/novo-site/img/dvtm-branco.png
200 OK 62 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/dvtm-branco.png
IP
ASN #47583 Hostinger International Limited
File type PNG image data, 7480 x 541, 8-bit/color RGBA, non-interlaced\012- data
Hash 8eb50a0674bd837b1ce0337c2c5990d4
63216aa4bbf816b9415bea3857b1069d02f3a565
18b55ae909bb9e41e4ffa96eccb0359c39b9c180f336b9f0f1d7239928811c24
GET /wp-content/themes/novo-site/img/dvtm-branco.png HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 13:16:47 GMT
etag: "f360-630624bf-ba503c83c7d33d62;;;"
accept-ranges: bytes
content-length: 62304
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/
200 OK 43 kB IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Hash bc560f13f688cb212dfcfefdfb8effc7
107dedb3079956cfb0a8f28f1cfa0bac27d588ce
c880e018952f6bf1ddf4460d801148b0a9e04c965bb83a141f6a751c02f78d32
GET / HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://fiduciario.com.br/wp-json/>; rel="https://api.w.org/", <https://fiduciario.com.br/wp-json/wp/v2/pages/28>; rel="alternate"; type="application/json", <https://fiduciario.com.br/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/slick/slick.min.js
200 OK 10 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/slick/slick.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (32076)
Hash 95ebf3721ccaad529caf9162d7716825
0bf389b0acaafcbe767948eb4bfd16033f7eee27
271e9046bf0784099accb8df72c7fe151f3afb195cf7f7ee981fe5c830252846
GET /wp-content/themes/novo-site/slick/slick.min.js HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: application/x-javascript
last-modified: Wed, 16 Dec 2020 17:50:05 GMT
etag: "a3e1-5fda48cd-4c9373f51bee8a68;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9969
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.8.2
200 OK 7.8 kB URL HTTP/2 fiduciario.com.br/wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.8.2
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (26630), with no line terminators
Hash 2684bda90ab1a7bf33657302d2763301
1cf1e9592c3ef4bbcbe000fb0fc7954bad883052
a3174f12a19a5c65ad54e2276604d8735f21c32b9c9f1c50fc3c56f1c06537ad
GET /wp-content/plugins/beautiful-and-responsive-cookie-consent/public/cookieNSCconsent.min.js?ver=2.8.2 HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Jul 2022 15:58:14 GMT
etag: "6806-62c5b116-3ceb15ce222e9d16;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7803
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/js/slider.js
200 OK 217 B URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/js/slider.js
IP
ASN #47583 Hostinger International Limited
Hash 7eef4b4c57ab914908c65aede8208801
2df6f63d6d1d943c747427cc946ff0bac2e70ff6
8ed768a6410ebe1ab7c20bc01d441adcb382e0c6bfc3af06d31b15cf3636c114
GET /wp-content/themes/novo-site/js/slider.js HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: application/x-javascript
last-modified: Wed, 16 Dec 2020 17:49:55 GMT
etag: "27f-5fda48c3-b671df36546377fc;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 217
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.0 kB URL HTTP/2 fiduciario.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (11126)
Hash 4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Jul 2022 22:11:34 GMT
etag: "2bd8-62cf4316-f08d2d52df462542;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/js/script.js
200 OK 14 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/js/script.js
IP
ASN #47583 Hostinger International Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (494)
Hash 3fff61e3ca2672682db926d7b73afc24
f6b8809e4ce76aa8fe864a4b2835926d699e4aca
543ea1559fe84dd7374150cede8b85a201176eac5e2798c4590ae1e7726fd986
GET /wp-content/themes/novo-site/js/script.js HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: application/x-javascript
last-modified: Fri, 16 Dec 2022 13:58:44 GMT
etag: "1ad69-639c7994-3942ff826dfba35b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14189
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/icone-1.svg
200 OK 1.2 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/icone-1.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8060d51da6ccbd4d10baae2925492225
2ea2621dbc62cecc3f50006d34589308856f9b9a
2ac0104d3115caad19391e686cdbc36ca7641f2ff905453257c380d947858059
GET /wp-content/themes/novo-site/img/icone-1.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Dec 2020 17:49:48 GMT
etag: "1064-5fda48bc-f888f397118d5cd1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1237
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/icone-2.svg
200 OK 2.1 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/icone-2.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1bd26941abc580f076242c62ff80bb7d
f6bb5fc3618615ea15c9f5a6f6f27ca8aabef9c0
56667b92ac81b063ee909d30e8f3f2987aa36b236a1d525aa5e1d767f7281e3a
GET /wp-content/themes/novo-site/img/icone-2.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Dec 2020 17:49:48 GMT
etag: "203c-5fda48bc-e3abe248dbfe764d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2131
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/icone-3.svg
200 OK 3.3 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/icone-3.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 52ac712ea10633186021dca83add1200
c0950a59894ea3fefe40f3cfb7380bffb9317725
b56a8d778a6e598bdc88e8e0b7a273a684482b0c7b9ab9223db66bdf06f34615
GET /wp-content/themes/novo-site/img/icone-3.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Dec 2020 17:49:48 GMT
etag: "37e9-5fda48bc-5832b1819e95ae7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3286
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/icone-4.svg
200 OK 4.0 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/icone-4.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1b4bac9959be5b3026cacdc9e828c472
1f5f59858cf8694db5a667ccf5c05ccc49a4a828
f472c74e7a50088d865bf06ccc399b6f92111d576b61cf08ab2722065ea264ed
GET /wp-content/themes/novo-site/img/icone-4.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Dec 2020 17:49:49 GMT
etag: "430a-5fda48bd-2b6747586549f999;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3966
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/icone-9.svg
200 OK 3.8 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/icone-9.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9f4712cc980e76f351858f16a8fefbc7
705e8d4be244ec0028e0d553bcd7f854b81038f5
037522144b2835c8f6a39ad19f01398064f2635ba0296066ba906f0cc3f6cef6
GET /wp-content/themes/novo-site/img/icone-9.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Fri, 16 Dec 2022 14:39:02 GMT
etag: "3f2d-639c8306-df6c6d444ec044d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3788
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/informativos-vetor.svg
200 OK 811 B URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/informativos-vetor.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9105195493b78e85aa6c1e9a87fcfa69
7593112918aa6486572d0d82ce9457d2b1ff6c79
2603661aaae604ab5ed8bb23146050f49628a740e276fa25f6697e158601167b
GET /wp-content/themes/novo-site/img/informativos-vetor.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Dec 2020 17:49:51 GMT
etag: "ac8-5fda48bf-e50cd3d43c7c1aa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 811
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/assembleias-vetor.svg
200 OK 941 B URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/assembleias-vetor.svg
IP
ASN #47583 Hostinger International Limited
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0dc351fe76638ec6a98469c45cb54fee
f2964e1b2298b0c99804a5ee563f34f0f26a5566
5c2044498a5a17def3cd3befcba2e8370723088a8c92c40094aa0b5248b27a5b
GET /wp-content/themes/novo-site/img/assembleias-vetor.svg HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Dec 2020 17:49:44 GMT
etag: "89b-5fda48b8-85556defd90b33d4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 941
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/linkedin.png
200 OK 1.2 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/linkedin.png
IP
ASN #47583 Hostinger International Limited
File type PNG image data, 49 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e1f2406b3c3644eade6b2da0e97ba6d
0033b7f6ab071cd922d23adcf78252bfaa6a1809
9c0e747eca9bd29a326bd7638ed5921e800eeab3f58e71cfcec170840c797de2
GET /wp-content/themes/novo-site/img/linkedin.png HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/png
last-modified: Wed, 16 Dec 2020 17:49:52 GMT
etag: "4a5-5fda48c0-e32dac32626c0988;;;"
accept-ranges: bytes
content-length: 1189
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/anbima1.png
200 OK 3.6 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/anbima1.png
IP
ASN #47583 Hostinger International Limited
File type PNG image data, 88 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 237c0e29f2b13080a540c2b66f5ec9e5
64225e61bc52c416bad2a9d2455d70e51d1ebc97
448f03041824eabd97192f25b55141cc518df5f366af612d175a870e0b8e975f
GET /wp-content/themes/novo-site/img/anbima1.png HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/png
last-modified: Wed, 16 Dec 2020 17:49:44 GMT
etag: "de9-5fda48b8-540afb38235d773a;;;"
accept-ranges: bytes
content-length: 3561
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-content/themes/novo-site/img/anbima2.png
200 OK 3.4 kB URL HTTP/2 fiduciario.com.br/wp-content/themes/novo-site/img/anbima2.png
IP
ASN #47583 Hostinger International Limited
File type PNG image data, 87 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 00b8444e119f4f358f79c68e2a473493
9fe3be2dcc771b303b7d40ac3492ad5ad19bb6be
313fa3ccd6d61cdfb4b6ba9bf5b09895b27cd94f145aa3647bd826712f841a96
GET /wp-content/themes/novo-site/img/anbima2.png HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: image/png
last-modified: Wed, 16 Dec 2020 17:49:44 GMT
etag: "d26-5fda48b8-ef7eeaefadf8e9e1;;;"
accept-ranges: bytes
content-length: 3366
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fiduciario.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
200 OK 4.6 kB URL HTTP/2 fiduciario.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (15660)
Hash 4402e98c197d70e9bc78b1da062e658a
b1d2477c6b1dfa9283d79a0a3944098dde573f68
4e646c55a8c057d08458aed4f913f5ae713e1351aadc0bcdf947bc48fb6a73ed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: fiduciario.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 Feb 2023 18:55:08 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Jul 2022 22:11:34 GMT
etag: "48b9-62cf4316-fad3b3fd907e3439;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4572
date: Tue, 07 Feb 2023 18:55:08 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Tue, 07 Feb 2023 19:53:42 GMT
Date: Tue, 07 Feb 2023 18:55:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Tue, 07 Feb 2023 19:53:42 GMT
Date: Tue, 07 Feb 2023 18:55:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Tue, 07 Feb 2023 19:53:42 GMT
Date: Tue, 07 Feb 2023 18:55:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Tue, 07 Feb 2023 19:53:42 GMT
Date: Tue, 07 Feb 2023 18:55:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: e7653b49-3160-42e3-8292-8ae32604f775
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc8KEoPoAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb4-68fd76a95ffa656318bedff6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KaitXsesZ9mJducJ54ChzQGfb-2-hEN4W_QojGMKXYEji4xsjNdWCA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 09:07:41 GMT
age: 35248
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 75590
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59419fb1cf4689bed183d0e9a6aed782
47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a
e6009407bd61bee1ae16ec30ea5914be77c56ee65dfb30595b10a1cedc6798c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c86a61b-07c3-45f6-b564-e556eb788d04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12682
x-amzn-requestid: d858d90a-b1ca-401c-8e00-8ccd9c0a7504
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78mUEsfIAMFreg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1748e-2783de3e3de9c520246bf06e;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:43:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _D5bI_flPN8fUn6aTGqO76FRSDwwC379nkVCBptmZkALErIVFCZfpA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
age: 75590
etag: "47d4a4bb26fafff0c6aebfe3dc7ddfa4970f8e9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92008e687831334af1cdbf4b8a57579f
e6ff750f12836637adf5b253d64c2102fdf3c180
39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7183
x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78YOGsyoAMF5wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbUWAiTEzfmIOkYgKdBEYxEnRky5wA7ajMWumei7fXeIqLN9B-riBw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:27 GMT
age: 75582
etag: "e6ff750f12836637adf5b253d64c2102fdf3c180"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MmO3oxbCoPs-WdN8SL9AuudkfErRRcTp6mkr2LRIfS6YPVe6UGBDFQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 03:01:24 GMT
age: 57225
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88178e0f623494e30ece4da4eed04d60
7f016d87157a577e4ad4e4cf6c854a0489f8571a
e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6384
x-amzn-requestid: 5f91a438-31d9-42ca-96b4-71344cc736c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77IcE2-oAMFbZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17235-1ce1ebfa4e9ae6053434c48d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: li__CyiikZFRNF7c8_9Kbi18VJ39UzJiNgP9z141MCUFVPnYAEXPCg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:24:59 GMT
age: 73810
etag: "7f016d87157a577e4ad4e4cf6c854a0489f8571a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 07 Feb 2023 17:44:06 GMT
expires: Tue, 07 Feb 2023 19:44:06 GMT
cache-control: public, max-age=7200
age: 4263
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GVQ9E9ZTQX>m=45je3260&_p=1188977786&cid=1237060402.1675796160&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675796160&sct=1&seg=0&dl=https%3A%2F%2Ffiduciario.com.br%2F&dt=Home%20-%20Trustee%20DTVM&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GVQ9E9ZTQX>m=45je3260&_p=1188977786&cid=1237060402.1675796160&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675796160&sct=1&seg=0&dl=https%3A%2F%2Ffiduciario.com.br%2F&dt=Home%20-%20Trustee%20DTVM&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GVQ9E9ZTQX>m=45je3260&_p=1188977786&cid=1237060402.1675796160&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675796160&sct=1&seg=0&dl=https%3A%2F%2Ffiduciario.com.br%2F&dt=Home%20-%20Trustee%20DTVM&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fiduciario.com.br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://fiduciario.com.br
date: Tue, 07 Feb 2023 18:55:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48b40a441d4253dbc1c7cb1a0330d427
95c3ef00bbabb1a20826b1ee30968f406be09c58
4d40cf4934a304ebc8eeafea56db6fe276cb47f4bbf9eaed369ba69f0081250c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D40CF4934A304EBC8EEAFEA56DB6FE276CB47F4BBF9EAED369BA69F0081250C"
Last-Modified: Mon, 06 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5295
Expires: Tue, 07 Feb 2023 20:23:25 GMT
Date: Tue, 07 Feb 2023 18:55:10 GMT
Connection: keep-alive
scripts.dofollowgreenline.com/pC9KDz
200 OK 1.2 kB URL HTTP/1.1 scripts.dofollowgreenline.com/pC9KDz
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (3022), with no line terminators
Hash eb02d53f0152c5c871ed775e2caf9250
ebd44170acd88dc736ea779f6ab8f8ff7caa5c6d
2a005b344967b5d077e8c2fa6f3290cd3c97442b58ef79cc8050df763f448683
GET /pC9KDz HTTP/1.1
Host: scripts.dofollowgreenline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 18:55:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 1176
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpai7mij;Expires=Friday, 10-Mar-2023 18:55:10 GMT;Max-Age=2678400;Path=/
3936f=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjVcIjoxNjc1Nzk2MTEwfSxcImNhbXBhaWduc1wiOntcIjJcIjoxNjc1Nzk2MTEwfSxcInRpbWVcIjoxNjc1Nzk2MTEwfSJ9.uATG9_uzaN4tTJd-NjWxK1QLWc4CSvRr-6S2XP4efyg;Expires=Tuesday, 17-Mar-2076 13:50:20 GMT;Max-Age=1675882510;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f43cd0c979d73365adebff29c3fddbbd
b36e5ef4ee18fa9de2f01bcb434600ccf9a65c5d
d8ea7ee0a5c43bee601e97e7b2c1cd138e7bfbaf05fcf69b756b5a53cffa759a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8EA7EE0A5C43BEE601E97E7B2C1CD138E7BFBAF05FCF69B756B5A53CFFA759A"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6342
Expires: Tue, 07 Feb 2023 20:40:53 GMT
Date: Tue, 07 Feb 2023 18:55:11 GMT
Connection: keep-alive
goaway.dofollowgreenline.com/follow/finish.php?pid=658745-22-658734323
302 Found 0 B URL HTTP/1.1 goaway.dofollowgreenline.com/follow/finish.php?pid=658745-22-658734323
IP
ASN #2856 British Telecommunications PLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /follow/finish.php?pid=658745-22-658734323 HTTP/1.1
Host: goaway.dofollowgreenline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 07 Feb 2023 18:55:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://goaway.dofollowgreenline.com/follow/finish.php?mid=8678670756767
Access-Control-Allow-Origin: *
goaway.dofollowgreenline.com/follow/finish.php?mid=8678670756767
200 OK 468 B URL HTTP/1.1 goaway.dofollowgreenline.com/follow/finish.php?mid=8678670756767
IP
ASN #2856 British Telecommunications PLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b5a5307d9ab9831a566f0d3ff7e38494
73bd511114fa273e663499455b44a69a9083f534
c4cbd80786f04154ebf81fe67ff21e47d3e108f3907ada92ef9bf98e2cdaf9dc
GET /follow/finish.php?mid=8678670756767 HTTP/1.1
Host: goaway.dofollowgreenline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiduciario.com.br/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 18:55:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cqwajn.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=beef0
302 Found 503 B URL HTTP/2 cqwajn.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=beef0
IP
Hash 9e9853eafb89c2c35e3962a7f03c8e75
fb1e468ac61576333f2ddb21b5c9c0692bf7d155
c84f134c3576e240f0ce08fc35b06dc314df9feb2cc925a0f1b58e6364165963
GET /gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=beef0 HTTP/1.1
Host: cqwajn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goaway.dofollowgreenline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 07 Feb 2023 18:55:11 GMT
content-type: text/html; charset=UTF-8
location: https://haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&si2=
cache-control: no-cache
max-age: 0
x-zone: eu
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zD2DQ4F7zL573r%2BmYGU2IrmRaRoPgh0GgdvYDI97MPnqa3cjymCQgdkAmlDO7Rq95LLMFq32JT4fiGNkLa%2BoxszW6fSSqJlhV7DwesuvQAGdAPh38j2y6n7KGlHs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795e56a0fb22b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash d0eca4fb75d72122b9ae40665599aeba
b286e187ddd19f8c35e3de57f24a5e798354b8a0
025f9e9dac73c56654031e2b275c57a9f1ae4c4080dfb46c0d38199ad8a90eed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3141
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:12 GMT
Last-Modified: Tue, 07 Feb 2023 18:02:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash d0eca4fb75d72122b9ae40665599aeba
b286e187ddd19f8c35e3de57f24a5e798354b8a0
025f9e9dac73c56654031e2b275c57a9f1ae4c4080dfb46c0d38199ad8a90eed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1908
Cache-Control: max-age=153456
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 18:55:12 GMT
Etag: "63e24b8c-117"
Expires: Thu, 09 Feb 2023 13:32:48 GMT
Last-Modified: Tue, 07 Feb 2023 13:01:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6MiwicG0iOjJ9eyJ&d=haxbyq.com&tpl=30&pbd=iOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNpMSI6ImJlZWYwIiwiaSI6IjEifQ==eyJwaWQ
200 OK 70 kB URL HTTP/2 ulmoyc.com/v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6MiwicG0iOjJ9eyJ&d=haxbyq.com&tpl=30&pbd=iOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNpMSI6ImJlZWYwIiwiaSI6IjEifQ==eyJwaWQ
IP
File type ASCII text, with very long lines (11285), with no line terminators
Hash 98f05c34a982c666675acff3ebec58a1
ecd1e73afa8b47cc960e0751a4971c49ce7c1d05
ea25905122ff7f344261ef49fcd30d36695b711dd4f9221aaecf330112340a25
GET /v1/sdk.js?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6MiwicG0iOjJ9eyJ&d=haxbyq.com&tpl=30&pbd=iOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNpMSI6ImJlZWYwIiwiaSI6IjEifQ==eyJwaWQ HTTP/1.1
Host: ulmoyc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fz4rk.haxbyq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 18:55:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-origin: https://haxbyq.com
etag: W/"1Yv72s4f8stR1c8XjMsWwTyr6Nw"
x-zone: eu
cf-cache-status: HIT
age: 3395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cLTB2bS0edf0yFwgm0iatvI8vHWXMUCP1Th8nztWzzn7oCu2f4h%2BpSM2LoQhVHXGpcC%2FHj7%2BaeSqGqNJywLPke2mFReY2cqIEpb%2BbE4dOJSeVXE8gS23dPH2wpc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795e56a40b79fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
azkcqs.com/rpe?a=1&s=1&act=7&src=2&p=1054030&st=1184602&wd=422610&d=haxbyq.com&tpl=30&rnd=0.35217664873668897&sbid=beef0&sbid2=
200 OK 0 B URL HTTP/2 azkcqs.com/rpe?a=1&s=1&act=7&src=2&p=1054030&st=1184602&wd=422610&d=haxbyq.com&tpl=30&rnd=0.35217664873668897&sbid=beef0&sbid2=
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rpe?a=1&s=1&act=7&src=2&p=1054030&st=1184602&wd=422610&d=haxbyq.com&tpl=30&rnd=0.35217664873668897&sbid=beef0&sbid2= HTTP/1.1
Host: azkcqs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://68jqb.haxbyq.com
Connection: keep-alive
Referer: https://68jqb.haxbyq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 07 Feb 2023 18:55:14 GMT
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b372ff2adddff6d10b87cf99c926b894
1456c70f1cf695340b163e4445fba961c50c349b
eb3da0f3f7bd1afa75d6f6d98c947f93c258f67b3aa07140b261096aadd3f702
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB3DA0F3F7BD1AFA75D6F6D98C947F93C258F67B3AA07140B261096AADD3F702"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2644
Expires: Tue, 07 Feb 2023 19:39:18 GMT
Date: Tue, 07 Feb 2023 18:55:14 GMT
Connection: keep-alive
tratbc.com/tb?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=9
302 Found 0 B URL HTTP/1.1 tratbc.com/tb?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=9
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tb?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=9 HTTP/1.1
Host: tratbc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://68jqb.haxbyq.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.15.0
Date: Tue, 07 Feb 2023 18:55:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=a422610&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1054030&sub_period=&cost=&click_id=SQ2-FVnt2B8-aDC2
X-Zone: eu
track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=a422610&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1054030&sub_period=&cost=&click_id=SQ2-FVnt2B8-aDC2
302 Found 0 B URL HTTP/2 track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=a422610&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1054030&sub_period=&cost=&click_id=SQ2-FVnt2B8-aDC2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=a422610&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1054030&sub_period=&cost=&click_id=SQ2-FVnt2B8-aDC2 HTTP/1.1
Host: track.wbdpnz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://68jqb.haxbyq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 07 Feb 2023 18:55:15 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://noomigoomini.com/redirect?tid=863970&subid=ADa422610DK&puid=wge9jskojuekoafm2eaautd8
pragma: no-cache
set-cookie: 0f72aceb-1686-4bca-a918-ff82f889bf8f-v4=qUnS0_7ODajltliv6e_YAwNIlJa3G4V1WAK-dMQGE1Q; Max-Age=86400; Expires=Wed, 08-Feb-2023 18:55:15 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=SV6gU6AIZmgTn70XL%2BwA1tqvVDhtm1DaVpEUp6htVwO2eEOKyQrFbBN1JALm%2F%2BciiOIbkCo4wi2EFVI%2Fclo8UAUCklM6fpW1PpxsB2WCWfc5JPCSL%2F1FuY2NghBtG%2BZx1Jun%2Bu6XBpUfdIyMPmgGnA%3D%3D; Max-Age=31536000; Expires=Wed, 07-Feb-2024 18:55:15 GMT; Domain=track.wbdpnz.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
noomigoomini.com/redirect?tid=863970&subid=ADa422610DK&puid=wge9jskojuekoafm2eaautd8
302 Found 0 B URL HTTP/2 noomigoomini.com/redirect?tid=863970&subid=ADa422610DK&puid=wge9jskojuekoafm2eaautd8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?tid=863970&subid=ADa422610DK&puid=wge9jskojuekoafm2eaautd8 HTTP/1.1
Host: noomigoomini.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://68jqb.haxbyq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://xposc.heparlorne.com/ICMEU?tag_id=863970&sub_id1=ADa422610DK&sub_id2=2510187336580425747&cookie_id=74f230a9-1715-4457-97b9-f8d431ac9d06&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fnoomigoomini.com%2F%3Ftid%3D863973%26noocp%3D1%26subid%3DADa422610DK&geo=NO
date: Tue, 07 Feb 2023 18:55:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=74f230a9-1715-4457-97b9-f8d431ac9d06
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bdc4e02725e6de1af31e5bb25800f68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: qE0D6Z4ntuicX9gVLcXEEPeAVzrsQtDGWpMPYErww7PrXQRDeXYFLQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4e6280b84b5ae9ce871c037b7b351f04
a552ed948049972e45bc67616ed2852e2ed462d0
79a5b90ace96b92363e4186bf78afff94833e4507c208159737461cc40a08ff1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79A5B90ACE96B92363E4186BF78AFFF94833E4507C208159737461CC40A08FF1"
Last-Modified: Tue, 07 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6926
Expires: Tue, 07 Feb 2023 20:50:41 GMT
Date: Tue, 07 Feb 2023 18:55:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg
200 OK 19 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg
IP
Hash 5124bf0e3365b034694ef3c7e34e669d
e4845be3efd9fa50da38b49c813177741cc1add6
21dd8ae1eb64574b3f4d12fb70db71507c7d02375ca7b9e5944b56164ab964c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8328b9-b592-4c76-9101-54f0b2e220d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14943
x-amzn-requestid: 1145ff12-5237-426c-8efc-c25c1061bcce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2GpMFTEIAMFxgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df1e3a-528eb972059e86c33334fedd;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 03:10:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XB1GsXLS_Aa3zg9mCPkwinizqk9hZOQel0Ag7Vp0yopIvahzXstoVA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 03:43:13 GMT
age: 54723
etag: "6679d1ff8f2986b6103e94a54632892e2280b149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&si2=
200 OK 0 B URL HTTP/2 haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&si2=
IP
ASN #39572 DataWeb Global Group B.V.
GET /bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&si2= HTTP/1.1
Host: haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goaway.dofollowgreenline.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 07 Feb 2023 18:55:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: truniq=1; expires=Wed, 08-Feb-2023 18:55:11 GMT; Max-Age=86400; path=/; domain=haxbyq.com
x-zone: eu4
content-encoding: gzip
X-Firefox-Spdy: h2
fz4rk.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=1
200 OK 0 B URL HTTP/2 fz4rk.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=1
IP
ASN #39572 DataWeb Global Group B.V.
GET /bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=1 HTTP/1.1
Host: fz4rk.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://haxbyq.com/
Cookie: truniq=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 07 Feb 2023 18:55:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu4
content-encoding: gzip
X-Firefox-Spdy: h2
p5fnd.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=3
200 OK 0 B URL HTTP/2 p5fnd.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=3
IP
ASN #39572 DataWeb Global Group B.V.
GET /bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=3 HTTP/1.1
Host: p5fnd.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ohbau.haxbyq.com/
Cookie: truniq=1; ufp2=b04562df53b69ed51c76b1aa32a8c6418667e3a2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 07 Feb 2023 18:55:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
pltg7.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=5
200 OK 0 B URL HTTP/2 pltg7.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=5
IP
ASN #39572 DataWeb Global Group B.V.
GET /bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=5 HTTP/1.1
Host: pltg7.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fl7b2.haxbyq.com/
Cookie: truniq=1; ufp2=b04562df53b69ed51c76b1aa32a8c6418667e3a2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 07 Feb 2023 18:55:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu4
content-encoding: gzip
X-Firefox-Spdy: h2
68jqb.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=9
200 OK 0 B URL HTTP/2 68jqb.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=9
IP
ASN #39572 DataWeb Global Group B.V.
GET /bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=9 HTTP/1.1
Host: 68jqb.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jt56r.haxbyq.com/
Cookie: truniq=1; ufp2=b04562df53b69ed51c76b1aa32a8c6418667e3a2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 07 Feb 2023 18:55:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato
IP
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 18:55:08 GMT
date: Tue, 07 Feb 2023 18:55:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP
GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fiduciario.com.br
Connection: keep-alive
Referer: https://fiduciario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 18:55:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 01/04/2023 11:35:40
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ba1b61154245b735548b440a7bdbc4fd
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 795e568e8826b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xposc.heparlorne.com/ICMEU?tag_id=863970&sub_id1=ADa422610DK&sub_id2=2510187336580425747&cookie_id=74f230a9-1715-4457-97b9-f8d431ac9d06&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fnoomigoomini.com%2F%3Ftid%3D863973%26noocp%3D1%26subid%3DADa422610DK&geo=NO
200 OK 0 B URL HTTP/2 xposc.heparlorne.com/ICMEU?tag_id=863970&sub_id1=ADa422610DK&sub_id2=2510187336580425747&cookie_id=74f230a9-1715-4457-97b9-f8d431ac9d06&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fnoomigoomini.com%2F%3Ftid%3D863973%26noocp%3D1%26subid%3DADa422610DK&geo=NO
IP
GET /ICMEU?tag_id=863970&sub_id1=ADa422610DK&sub_id2=2510187336580425747&cookie_id=74f230a9-1715-4457-97b9-f8d431ac9d06&lp=oct_11&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fnoomigoomini.com%2F%3Ftid%3D863973%26noocp%3D1%26subid%3DADa422610DK&geo=NO HTTP/1.1
Host: xposc.heparlorne.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://68jqb.haxbyq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"31df-K3x4BGING5YJicM+JUpVZ/WuNnQ"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ulmoyc.com/fp.js?d=fz4rk.haxbyq.com
200 OK 0 B URL HTTP/2 ulmoyc.com/fp.js?d=fz4rk.haxbyq.com
IP
GET /fp.js?d=fz4rk.haxbyq.com HTTP/1.1
Host: ulmoyc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fz4rk.haxbyq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 18:55:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400
max-age: 0
access-control-allow-origin: https://fz4rk.haxbyq.com
x-zone: eu
last-modified: Tue, 07 Feb 2023 18:55:12 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsT3nk60BgmYfxOMnMPsyG%2Bmv3X%2B4OntkauPAbbCgJv3nIbiwKG5NGG7dhQDBKOrTvmiHQbdZsmndd4iUvd%2Bw1QjBRagslrIR8i3ZkLgW7BBgXLTWuYv%2FqPSbPrk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795e56a43b99fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fl7b2.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=4
200 OK 0 B URL HTTP/2 fl7b2.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=4
IP
ASN #39572 DataWeb Global Group B.V.
GET /bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=4 HTTP/1.1
Host: fl7b2.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://p5fnd.haxbyq.com/
Cookie: truniq=1; ufp2=b04562df53b69ed51c76b1aa32a8c6418667e3a2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 07 Feb 2023 18:55:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu
content-encoding: gzip
X-Firefox-Spdy: h2
elabz.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=6
200 OK 0 B URL HTTP/2 elabz.haxbyq.com/bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=6
IP
ASN #39572 DataWeb Global Group B.V.
GET /bot-captcha-1?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTAsInNyYyI6Mn0=eyJ&si1=beef0&i=6 HTTP/1.1
Host: elabz.haxbyq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pltg7.haxbyq.com/
Cookie: truniq=1; ufp2=b04562df53b69ed51c76b1aa32a8c6418667e3a2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 07 Feb 2023 18:55:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu4
content-encoding: gzip
X-Firefox-Spdy: h2
217.21.66.127
185.56.234.205
34.160.144.191
104.17.24.14
194.135.30.210
185.162.85.20
188.114.96.1
18.158.88.249
23.36.76.226