Report - auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=

Report Overview

Submitted URL
auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
IP
162.214.163.83
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-02-08 08:40:23
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	54.230.245.110
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.8 kB	93.184.220.29
imasdk.googleapis.com	11661	2014-10-30T18:42:18Z	2023-03-13T06:05:04Z	342 B	127 kB	216.58.211.10
dnacdn.net	3760	2019-09-02T17:07:45Z	2023-03-13T07:41:37Z	369 B	630 B	178.250.2.146
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.20.226
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-13T07:21:44Z	486 B	495 B	178.250.0.157
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.164.47.95
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.131
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	423 B	1.6 kB	151.101.65.229
tagmanager.alright.network	172257	2019-05-05T10:27:07Z	2023-03-12T23:03:11Z	1.8 kB	203 kB	54.230.111.119
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
securepubads.g.doubleclick.net	190	2013-05-31T06:19:39Z	2023-03-13T05:09:45Z	757 B	135 kB	142.250.74.130
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
auonline.com.br	unknown	2014-07-01T11:24:43Z	2023-03-10T05:36:56Z	5.8 kB	186 kB	162.214.163.83
www.googletagservices.com	169	2021-02-14T04:54:38Z	2023-03-13T08:45:50Z	339 B	28 kB	142.250.74.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-08 08:41:05	high	Client IP	162.214.163.83	ETPRO PHISHING Antibomber Phish Kit

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031	916 B	2023-03-07	2023-03-14
Pretty URL auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031 IP 162.214.163.83 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:53:42 Last Seen2023-03-14 06:00:31 Times Seen1 Hash 4eae03b87bcfef221540cac18d110add 4bdf4541c8bf39d23c6512d3265bd2e43e9738da 7862bb8d1b03b5b94bf6928a115605e773e7cf6bc5158f265712434b7eb90b4e Loading...

	tagmanager.alright.network/cloudinary-core.min.js	98 kB	2023-03-07	2023-11-20
Pretty URL tagmanager.alright.network/cloudinary-core.min.js IP 54.230.111.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:53:42 Last Seen2023-11-20 15:30:58 Times Seen16 Hash a1be2e94d994f87394275c7c24229e51 6aa4c7f3829658ad6c54589a91fe651345c720cf 2a9c8c1325096f3efd38f7e471f4f85fd0c212fa91ceb9591b037bc959dbcd54 Loading...

	tagmanager.alright.network/cld-video-player.min.js	1.7 MB	2023-03-07	2023-11-20
Pretty URL tagmanager.alright.network/cld-video-player.min.js IP 54.230.111.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:53:42 Last Seen2023-11-20 15:30:57 Times Seen13 Hash f424c0548bcfc13402d775a5f3c7e056 77ea61739ab986c135b4699ac15e9d1067107fef b1e61d7061d6f054ace39c480436a348ab293b49a37e272a4c8cf8583c78ab3b Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 22:43:12 Times Seen37103554 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	81 kB	2023-03-13	2023-03-13
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:28:32 Last Seen2023-03-13 19:38:28 Times Seen1 Hash d5d15b8907d29777800ded5e47320fb5 7f75d9446ce3dc158f78ccd54a21f98775772942 e9e0f90da0b4c9c35e2e9464b92901416967dae5a323179e8bfd5632e3c12c2d Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js?cb=31072253	395 kB	2023-03-13	2023-03-13
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js?cb=31072253 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:28:32 Last Seen2023-03-13 23:19:28 Times Seen1 Hash 13fc493785073ff3a4c58ce7c2fd9d60 bd1c4daff57536dad93f1fd5abce685f92f6246b fa19ab413493b004c5957325db711ffde124c52cb5007049f1331dd1302bc774 Loading...

	auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031	26 B	2023-03-13	2023-03-13
Pretty URL auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031 IP 162.214.163.83 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:18:12 Last Seen2023-03-13 19:35:40 Times Seen1 Hash 7f07c149be710c1ab04081763fd799f5 55695891943892a02f268a38c0f955b02f8da9fc 34fb626c01fa0e903f07e61d2f0d0481f2509a0c413e145ece6a22a759e2f904 Loading...

	tagmanager.alright.network/manager/js/container_KETFTGOj.js	88 kB	2023-03-13	2023-03-13
Pretty URL tagmanager.alright.network/manager/js/container_KETFTGOj.js IP 54.230.111.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:09:08 Last Seen2023-03-13 19:35:40 Times Seen1 Hash 59a13bd579d224d01d7b111c6eea6bef a693f61bf51aed71bb4d117cffdad193416c24c1 984fc683288f4c4d0229b74ed114cf23284e3ebce450b1cbf72f85dbb74e151e Loading...

	tagmanager.alright.network/lodash.min.js	73 kB	2023-03-07	2024-04-26
Pretty URL tagmanager.alright.network/lodash.min.js IP 54.230.111.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 20:44:31 Times Seen15655 Hash 9becc40fb1d85d21d0ca38e2f7069511 ae854b04025db8b7f48fdd6dedf41e77eae44394 a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9 Loading...

	hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1	23 kB	2023-03-13	2023-03-13
Pretty URL hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:22 Last Seen2023-03-13 19:35:40 Times Seen1 Hash ad8806087b2252b62bdeb739423cff69 cc67c5a77a575881d3e21eed1ee9c6f535db7bc5 1c9d7b17d3457d5338a8b8919a8d65cbc642a843a8e90d6cb29bcf4dbaf326b0 Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	376 kB	2023-03-13	2023-03-13
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:57:14 Last Seen2023-03-13 19:57:41 Times Seen1 Hash 2d7592d030aac3bee869d509ce52c68f f5dfe8f9eddfa5682ad3b1a71264637719c9b845 96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485 Loading...

	www.googletagservices.com/tag/js/gpt.js	81 kB	2023-03-13	2023-03-13
Pretty URL www.googletagservices.com/tag/js/gpt.js IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:19:01 Last Seen2023-03-13 19:38:45 Times Seen1 Hash c72335a8b776913b35f89a2bb2269148 18982b277885a27ac9f723d08be1efe76639f5e3 e59f783b01c96fdf08f304200d80378b3af8f20b5543305505b2c3155bf9baf6 Loading...

HTTP Transactions (50)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8025
Expires: Wed, 08 Feb 2023 10:53:56 GMT
Date: Wed, 08 Feb 2023 08:40:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Wed, 08 Feb 2023 09:43:39 GMT
Date: Wed, 08 Feb 2023 08:40:11 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 08:34:12 GMT
content-type: application/json
age: 359
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4475
Expires: Wed, 08 Feb 2023 09:54:46 GMT
Date: Wed, 08 Feb 2023 08:40:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GiVqbHM9YacTcDGze1bRif5BZ6XK0/zeqE4y19U8weBnOMko+N5cYpn48ZU15HKekviZqO2st/xanEsxT9W0DA==
x-amz-request-id: XZMH0NVJWPXYWKM1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 07:45:53 GMT
age: 3258
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031

162.214.163.83

301 Moved Permanently

378 B

URL HTTP/1.1
auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
378 B (378 bytes)
Hash
834b6bf7f032b36f230920170425ba80
8bc64f210365b3df22ed0b2a5d3c0792399b175c
f7b0e89575f574afb85a631341a490d0c725199735496133023b2afdd75315e2

Detections

NIDS	Severity	Alert
suricata	high	ETPRO PHISHING Antibomber Phish Kit

HTTP Headers

GET /view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 08:40:09 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Referrer-Policy: same-origin
X-Frame-Options: sameorigin
Location: https://auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
Cache-Control: max-age=1
Expires: Wed, 08 Feb 2023 08:40:10 GMT
Content-Length: 378
Keep-Alive: timeout=5, max=1150
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 08:40:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 08:14:52 GMT
age: 1520
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6982
Expires: Wed, 08 Feb 2023 10:36:34 GMT
Date: Wed, 08 Feb 2023 08:40:12 GMT
Connection: keep-alive

auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031

162.214.163.83

404 Not Found

1.6 kB

URL HTTP/2
auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.6 kB (1582 bytes)
Hash
51abbfaece111b4dd6921ef06af5191a
fe6cb9f2cd44ed2d0c4c795f3882e01bdd1b0207
455888db2c4ab8750e99907d444d09a70ccc9b519de20525a9b399905dc5d524

Detections

NIDS	Severity	Alert
suricata	high	ETPRO PHISHING Antibomber Phish Kit

HTTP Headers

GET /view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
set-cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52; path=/
PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52; path=/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031; domain=auonline.com.br; secure; HttpOnly
access-control-max-age: 1000
referrer-policy: same-origin
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cache-control: public, max-age=86400, max-age=1, private, must-revalidate
content-length: 1582
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 08:40:10 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.164.47.95

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.47.95:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d83ixSN+0q//0O+XcLi/qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NAEuQ6pFesGWSit6DSrHUlo/Xhs=

auonline.com.br/view/dist/css/dist-application.min.css?v=1.14

162.214.163.83

200 OK

43 kB

URL HTTP/2
auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (43048 bytes)
Hash
00924df8f6e3ebb887887b437a164a45
ca14a59947b8520b333b5aa7dd4e65d153e4e79f
ec2dad46a28aeb0c619a92a90c515ad1af9004b1158001b8a05e42dfe803cf6f

HTTP Headers

GET /view/dist/css/dist-application.min.css?v=1.14 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:18:32 GMT
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Fri, 10 Mar 2023 08:40:10 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 43048
content-type: text/css
date: Wed, 08 Feb 2023 08:40:10 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/css/dist-utilities.min.css?v=1.14

162.214.163.83

200 OK

51 kB

URL HTTP/2
auonline.com.br/view/dist/css/dist-utilities.min.css?v=1.14
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (50838 bytes)
Hash
2a3746097660f3201f5ee4cadb427697
ef5b5d2e42dbf1ba10732d9c099792e67875813b
18b64606d494dd5adb01e5157bd77073419459adabfe5b0c95a2ff6ce47e0206

HTTP Headers

GET /view/dist/css/dist-utilities.min.css?v=1.14 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:18:34 GMT
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Fri, 10 Mar 2023 08:40:10 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 50838
content-type: text/css
date: Wed, 08 Feb 2023 08:40:10 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
be0991a2d9125e66cecc298054ea11a2
9fbf67bff3422916a63088dc27ec6a69e1482958
d695c9a5c3250a2897f4d6f39a55361fd525b35ab278ba0ce1e11aba83b3e8ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127091
Date: Wed, 08 Feb 2023 08:40:13 GMT
Etag: "63e294a1-1d7"
Expires: Thu, 09 Feb 2023 19:58:24 GMT
Last-Modified: Tue, 07 Feb 2023 18:12:49 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cu8FsSt2d7FALcH9wZE_4qg4N67s26VEUCYy4i-YIXT65l-sPCIJyg==
Age: 6335

auonline.com.br/view/dist/fonts/actu/actu-regular.woff2

162.214.163.83

200 OK

23 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/actu/actu-regular.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 23108, version 1.0\012- data
Size
23 kB (23108 bytes)
Hash
9f9e011393ea7918ebb064c62b4f0615
cc08fd3508f54086a01620b73b05d94fab9d3352
25cd74e6c8d129ffefbe874187419763c1545c2987042f476af00b78ee57393e

HTTP Headers

GET /view/dist/fonts/actu/actu-regular.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:19:06 GMT
accept-ranges: bytes
content-length: 23108
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 08:40:11 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 08:40:11 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/fonts/actu/actu-light.woff2

162.214.163.83

200 OK

21 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/actu/actu-light.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 20728, version 1.0\012- data
Size
21 kB (20728 bytes)
Hash
6329ca621ff5728228d0a503dddcbb7c
70f8d68c613f8e002de9aedb162358de223ea3cf
177bb0e2a991eb49d096e369d9545adae5631b013e469199496a747b8255f5d9

HTTP Headers

GET /view/dist/fonts/actu/actu-light.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:19:03 GMT
accept-ranges: bytes
content-length: 20728
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 08:40:11 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 08:40:11 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/fonts/fm-fill-low/fm-fill-low-regular.woff2

162.214.163.83

200 OK

11 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/fm-fill-low/fm-fill-low-regular.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 11220, version 1.0\012- data
Size
11 kB (11220 bytes)
Hash
18e1cb0ce61a82bd41ae91ba5d0d06d1
f4d9ef4b3f692104faef5ba4a4c740c875884a1b
9e6942def158e6f573565efacac4822e42753707e3bbd88b1965084908044e4a

HTTP Headers

GET /view/dist/fonts/fm-fill-low/fm-fill-low-regular.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:19:14 GMT
accept-ranges: bytes
content-length: 11220
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 08:40:11 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 08:40:11 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/fonts/actu/actu-bold.woff2

162.214.163.83

200 OK

21 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/actu/actu-bold.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 21068, version 1.0\012- data
Size
21 kB (21068 bytes)
Hash
b19447c7ee6c8c77aac33b592898f703
5f40ed3415aa849f12ea8c80af58627af011439c
4faf40e97866d12fdd7c0a81c769e6cdd47065cf32f104f18b2a24efb5436ab5

HTTP Headers

GET /view/dist/fonts/actu/actu-bold.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:18:54 GMT
accept-ranges: bytes
content-length: 21068
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 08:40:11 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 08:40:11 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/imgs/favicon/favicon-default.png

162.214.163.83

200 OK

554 B

URL HTTP/2
auonline.com.br/view/dist/imgs/favicon/favicon-default.png
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
554 B (554 bytes)
Hash
01654ae11ca64ce3200e4b3b20432654
98a94db17db3ffbdebb088ef5ae357427c82b0a3
881f743917cfd03c3c2e98627f5a6164b71f349888ff0cd3078909bd7ce2d803

HTTP Headers

GET /view/dist/imgs/favicon/favicon-default.png HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:21:11 GMT
accept-ranges: bytes
content-length: 554
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 08:40:11 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: image/png
date: Wed, 08 Feb 2023 08:40:11 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/imgs/favicon/apple-icon-180x180.png

162.214.163.83

200 OK

5.5 kB

URL HTTP/2
auonline.com.br/view/dist/imgs/favicon/apple-icon-180x180.png
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5537 bytes)
Hash
c57b042feb18bd6e944e5217ce1d1a49
1a7135429c5d866f5490fe211feedcd87a1f008d
689e6994dc0bba5911d6a1589e2d57e49eed180501ad62d91dfbe4092cb84a2a

HTTP Headers

GET /view/dist/imgs/favicon/apple-icon-180x180.png HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/aarne/qj2grzw8kwem7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/f004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=ab1327b7e780cde1812a1e569c6e5a52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:21:07 GMT
accept-ranges: bytes
content-length: 5537
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 08:40:11 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: image/png
date: Wed, 08 Feb 2023 08:40:11 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 08:40:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 08:40:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 08:40:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12608
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 08:40:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10058 bytes)
Hash
a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 38048
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9579 bytes)
Hash
b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: 377c182d-43e8-4251-8731-6364d29fb955
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRFs0oAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-1ad3e68f50fc15707ec0406a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sUtUjqOLpq42m22bLgmLggmPbtatZC01og_xzkVI1o8rJtAnvhvqHA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 07:45:56 GMT
age: 16765
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4168 bytes)
Hash
845e4e4051f1162b20d3df5f208e8d3e
076462f67531c60b31ec768a275c96317292306d
40996d8929ab92f342328fc018518d6131c6222b0ec23051775eda276a602026

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4168
x-amzn-requestid: 24814225-0063-49fb-86ff-e78869538b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjQFS_IAMFtLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-67307c42182089b3096e98b5;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f90qZAgSmdYFuW_BDTZVivBlk_c5SrirTSeJmvoysOmCcOjxtFZrbA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 39490
etag: "076462f67531c60b31ec768a275c96317292306d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10202 bytes)
Hash
f175de8eebe398f5de2829cd551b3f04
e6da63e9b03289bfded190d999a20da78232437c
b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10202
x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PEYFZOoAMFzEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:13:47 GMT
etag: "e6da63e9b03289bfded190d999a20da78232437c"
content-type: image/jpeg
age: 37586
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8629 bytes)
Hash
02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GIAPTJF7sfpuubLSngEDMrowvBWW5c1xRlyVf7PQ3o6rGWdFITVioA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:15:10 GMT
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
age: 37503
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10328 bytes)
Hash
1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1uPNh-FvA8oI5ZuruNle0ATMPSsyl-_ZjLrUnPQJrogPVREc8wrHMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:12:09 GMT
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
age: 37684
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 08:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 08:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

securepubads.g.doubleclick.net/tag/js/gpt.js

142.250.74.130

200 OK

133 kB

URL HTTP/2
securepubads.g.doubleclick.net/tag/js/gpt.js
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65395)
Size
133 kB (133135 bytes)
Hash
1108b87cc0dfd9c3548437c5144d2875
beaa644350c63af5a1673bfe4735642e125c64ff
fdeb4de51dc44e4bd90ca55c31f83f64b893fc35e833a61123a4093dfc77254d

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27215
date: Wed, 08 Feb 2023 08:40:14 GMT
expires: Wed, 08 Feb 2023 08:40:14 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1476 / 383 of 1000 / last-modified: 1675811301"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

securepubads.g.doubleclick.net/pagead/ppub_config?ippd=auonline.com.br

142.250.74.130

200 OK

220 B

URL HTTP/2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=auonline.com.br
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (440), with no line terminators
Size
220 B (220 bytes)
Hash
2e338779f32abecf2402bd2b46c09306
582168ffc5a15014d7690f04814bc8fa4cfc17cd
8a40ab2eacbde1be661f5038b84340a5e680aa12b7d6f428148c305ee46b2307

HTTP Headers

GET /pagead/ppub_config?ippd=auonline.com.br HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://auonline.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Wed, 08 Feb 2023 08:40:14 GMT
expires: Wed, 08 Feb 2023 08:40:14 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 220
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 08:55:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230208

151.101.65.229

200 OK

823 B

URL HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230208
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (1596), with no line terminators
Size
823 B (823 bytes)
Hash
730257ef260b05778bbae3046826609f
c77bb642f064cdc9a257d3abf043fa11fe98f77e
7f85f6d676ca795e04e6db9a10f85ae6083fb22c4f9e3088cbdc73dd225fc0b4

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json?date=20230208 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://auonline.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1611
x-jsd-version-type: version
etag: W/"63c-Wragkk4KW82PDEbsthKnUslq6u4"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 08:40:14 GMT
age: 16762
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 823
X-Firefox-Spdy: h2

tagmanager.alright.network/lodash.min.js

54.230.111.119

200 OK

201 kB

URL HTTP/2
tagmanager.alright.network/lodash.min.js
IP
54.230.111.119:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4143)
Size
201 kB (201062 bytes)
Hash
a574a2ce3c7e151d2d5df5ae7108da5f
00d7b18c6b7f00928667f849f9707421b1fa0f87
ac971319bea15af63793e535f370220b6f70d6950cd56b22b160ff6299c45a61

HTTP Headers

GET /lodash.min.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 26 Jan 2022 15:28:22 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 08:28:41 GMT
etag: W/"9becc40fb1d85d21d0ca38e2f7069511"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e41__Rppf4KmEk2Bt1rJojDLpzIePyJ4dfpgvBRPDtz1hCeGcW1lAg==
age: 751
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
8c5f85d147ad85d1f49fccbb38462f5d
1bf801608b85dedb5b62542d91e90b3179d97214
0146434060bccbe0e9fc64d201d296dc516a7deb24bf6a64f5cb2fe46d2ef042

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 08:40:14 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6C86EE78EB53949776A50B0C7C76BCBFABF83527"
Expires: Wed, 08 Feb 2023 20:00:00 GMT
Last-Modified: Wed, 08 Feb 2023 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1625
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79630f314d8bb4eb-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
3b8a1336c83e9c77d94f1801402922e8
914c22ee0f1bd5e8165cac9605a69dadcf53a7f9
10e443a01a394b33c96fb07f44456899c34953f4853897957e6eeef6f24765a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2790
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 08:40:14 GMT
Last-Modified: Wed, 08 Feb 2023 07:53:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
3b8a1336c83e9c77d94f1801402922e8
914c22ee0f1bd5e8165cac9605a69dadcf53a7f9
10e443a01a394b33c96fb07f44456899c34953f4853897957e6eeef6f24765a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2838
Cache-Control: max-age=100932
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 08:40:14 GMT
Etag: "63e23c1c-13a"
Expires: Thu, 09 Feb 2023 12:42:26 GMT
Last-Modified: Tue, 07 Feb 2023 11:55:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 08:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

imasdk.googleapis.com/js/sdkloader/ima3.js

216.58.211.10

200 OK

126 kB

URL HTTP/2
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2846)
Size
126 kB (125826 bytes)
Hash
98b1fe69946e421b8ece280ad4995eed
e6e0b95673083dd5319db64472e9505964998bc0
3ce90bb62a4f3d7a503d1a819ce1b7016837a27c17065adb97c94680a7cd870a

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125826
date: Wed, 08 Feb 2023 08:40:14 GMT
expires: Wed, 08 Feb 2023 08:40:14 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 08:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
56ad3ce1192a0e87e3253cb00f99ab0c
4dadc910d8b8e7fc31aac37ae56f5ae93278820b
6c138b60c4024bb649be8b2f460f2fed0548d788a0d15e2d7cbfb2b7185b1bdf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1105
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 08:40:14 GMT
Last-Modified: Wed, 08 Feb 2023 08:21:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://auonline.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 08:40:13 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=-NmVN180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dwSUNUdW9IRG9zMWxyOFRTYUlYank5d1pEUWlLaVl6SEFIY0NaVDF4WEc; expires=Mon, 04 Mar 2024 08:40:14 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://auonline.com.br
server-processing-duration-in-ticks: 354731
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

www.googletagservices.com/tag/js/gpt.js

142.250.74.2

200 OK

27 kB

URL HTTP/2
www.googletagservices.com/tag/js/gpt.js
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (39302)
Size
27 kB (27237 bytes)
Hash
c6025394c17a8a92c820923d3c4f7ace
786d7a889a993e5d4ed6507b257c43b43a3ad297
cdd6b907b60055c5f80aa1ba65e0d8d531efb02801d725452408e6b42c9cde1d

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27237
date: Wed, 08 Feb 2023 08:40:16 GMT
expires: Wed, 08 Feb 2023 08:40:16 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1476 / 768 of 1000 / last-modified: 1675811217"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tagmanager.alright.network/manager/js/container_KETFTGOj.js

54.230.111.119

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/manager/js/container_KETFTGOj.js
IP
54.230.111.119:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /manager/js/container_KETFTGOj.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 15:44:50 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 08:40:14 GMT
etag: W/"59a13bd579d224d01d7b111c6eea6bef"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mDzr6CATYzvc5NPqhRRGC07L3Va9YJhST7fkSCLkNedkLg_dE9c3aw==
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fauonline.com.br%2F&domain=auonline.com.br&cw=1&lsw=1

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fauonline.com.br%2F&domain=auonline.com.br&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fauonline.com.br%2F&domain=auonline.com.br&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://auonline.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 08:40:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://auonline.com.br
server-processing-duration-in-ticks: 1290342
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

tagmanager.alright.network/cloudinary-core.min.js

54.230.111.119

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/cloudinary-core.min.js
IP
54.230.111.119:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cloudinary-core.min.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 26 Jan 2022 15:28:24 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 08:33:02 GMT
etag: W/"a1be2e94d994f87394275c7c24229e51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W6N0vcyDmEWqCicodV2UxjrRZwFafeVyFDme_MEsyxZ93bAkNRF0RA==
age: 480
X-Firefox-Spdy: h2

tagmanager.alright.network/cld-video-player.min.js

54.230.111.119

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/cld-video-player.min.js
IP
54.230.111.119:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cld-video-player.min.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 16:19:43 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 08:35:13 GMT
etag: W/"f424c0548bcfc13402d775a5f3c7e056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DhgIf99XhxxbdtyNweAkI8Ho4pylAbHwWKaqHcxXkYSXN8yxEXqJBQ==
age: 354
X-Firefox-Spdy: h2

tagmanager.alright.network/cld-video-player.min.css

54.230.111.119

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/cld-video-player.min.css
IP
54.230.111.119:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cld-video-player.min.css HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 26 Jan 2022 15:28:26 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 08:39:54 GMT
etag: W/"7504d85c52d7210f8a3616c7f446e29d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: omQOWKW1arm7tDVRi4Fb_bTr-nNquHMtBXsp_6PE3HIu9Vm7EYuMMQ==
age: 68
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL