static.dl.mail.ru/BattleTeams2Loader.exe
188.93.63.180 2.2 MB URL static.dl.mail.ru/BattleTeams2Loader.exe
IP 188.93.63.180:0
Size 2.2 MB (2229690 bytes)
Hash 9c66359598faca174aee41c6a271131d
314b41f77f08350f5fd8c93ceacd23e9f4be9369
59c0a58bc78ed278c4fcbdaceaff7a397d52bdc1a347a599b73049e4b7712475
GET /BattleTeams2Loader.exe HTTP/1.1
Host: static.dl.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Range: bytes=10237710-
If-Match: "642e65e4-be3cc8"
If-Unmodified-Since: Thu, 06 Apr 2023 06:25:40 GMT
HTTP/1.1 206 Partial Content
Server: nginx/1.20.1
Date: Sat, 08 Apr 2023 05:47:48 GMT
Content-Type: application/octet-stream
Content-Length: 2229690
Last-Modified: Thu, 06 Apr 2023 06:25:40 GMT
Connection: keep-alive
Keep-Alive: timeout=20
Content-Disposition: attachment; filename="BattleTeams2Loader_0bcab178f62cc0e4839ba7e5301e30d1.exe"
ETag: "642e65e4-be3cc8"
Content-Range: bytes 10237710-12467399/12467400
lilicamanequinsfiber.com.br/
34.102.136.180 200 OK 2.8 kB URL User Request GET HTTP/1.1 lilicamanequinsfiber.com.br/
IP 34.102.136.180:80
File type HTML document text, exported SGML document, ASCII text, with very long lines (2830), with no line terminators
Hash deab82e9d004d18ea5e4edb807893b97
1906a16dbe947a41a97dee404adfbde7b797d1b2
bae5192883df949868c99fe9be72cbc1f340716dce6bb22bc1d7381be88860a6
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: lilicamanequinsfiber.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 08 Apr 2023 05:47:49 GMT
Content-Type: text/html
Content-Length: 2830
Last-Modified: Sat, 08 Apr 2023 03:31:51 GMT
ETag: "6430e027-b0e"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_FeAnxazKhYrguQptet1yZeWLeoNbFdEtHS5cqVRm9QqhVGJRuu6740YL+FQska7PPx9XRj6FjDJzY8wOCs+DZQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: system=PW;Path=/;Max-Age=86400;
caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
traffic_target=gd;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js
23.36.79.16 200 OK 140 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Starfield Technologies, Inc.
Subject *.wsimg.com
Fingerprint 4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
Validity Thu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65462)
Size 140 kB (139862 bytes)
Hash 86e3cfb33222003b0db28f9a3dd97c0b
be2be171a4e55332472ee32fd73f5a1b5dcb952f
24f9d9e26c29c25042fe573f938d08afd365f83a1f5e32853c26d2f72df65411
GET /parking-lander/static/js/0.40743286.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: f0SGcvFmDtEX/kqsGotSp6Buh7LQtFnodVFgNR7DozUuYF4unhJHIR5WZD92RZWybaw0iBhKDII=
x-amz-request-id: 2FAJDMPCN6W0P945
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "b068012e619429e22f89192c5175a1e0"
x-amz-server-side-encryption: AES256
x-amz-version-id: gYg2nrvw6dt8CWezF3ZJ_Af3PN3NBmJj
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 139862
cache-control: max-age=31536000
expires: Sun, 07 Apr 2024 05:47:49 GMT
date: Sat, 08 Apr 2023 05:47:49 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js
23.36.79.16 200 OK 1.8 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Starfield Technologies, Inc.
Subject *.wsimg.com
Fingerprint 4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
Validity Thu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (4918)
Hash 4765833f8aa1de1e75804851ab0449f3
b56fc269f045d73338c8dd55f638aa633de28e7d
c42908523310021f78e7a1c65746224723cda12e89730b0efeb24430b84dac1c
GET /parking-lander/static/js/main.727544c3.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: G+KwmdDoK2pI6c9DvjEwx8Yd4NOzuYF7PYbj0A+2bVdqnBv06gVVmOL1QEU8ZWzx1R0e+H5Ch2w=
x-amz-request-id: 2FAP39Z2BBAD4Z6V
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "5fdf5d5d4c43969c55a42e692b95b2c9"
x-amz-server-side-encryption: AES256
x-amz-version-id: K0T3Ca3fAhPnHOiGo0Ai9_inM.KjDWrk
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 1827
cache-control: max-age=31536000
expires: Sun, 07 Apr 2024 05:47:49 GMT
date: Sat, 08 Apr 2023 05:47:49 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js
23.36.79.16 200 OK 57 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Starfield Technologies, Inc.
Subject *.wsimg.com
Fingerprint 4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
Validity Thu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b1a9331d6c0e8a1b66863c6ca8477641
90dfe8b3d4571613ed3e04e53d2503d58684dc03
d21e9a17b3f1a8d15dff4aee534040b740009c16ef74c4185eb151ca52ba1c66
GET /parking-lander/static/js/1.3fa140ef.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: OCcGn1JfNBQv6+PedMR9b3qPljuI4WoxpivU6zSOnj5T4ghXWTvCbv6/qtM8SSXELvZkrY2NYI0=
x-amz-request-id: 2FAPK430WR30W4W0
last-modified: Tue, 14 Feb 2023 15:44:40 GMT
etag: "06166eb9b942e7c63d8ee1eba5b3de68"
x-amz-server-side-encryption: AES256
x-amz-version-id: Qm3JNw36qGFoIyTVwvXuxJRglKzwn3oO
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 57353
cache-control: max-age=31536000
expires: Sun, 07 Apr 2024 05:47:49 GMT
date: Sat, 08 Apr 2023 05:47:49 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
lilicamanequinsfiber.com.br/px.js?ch=1&abp=1
34.102.136.180 200 OK 476 B URL GET HTTP/1.1 lilicamanequinsfiber.com.br/px.js?ch=1&abp=1
IP 34.102.136.180:80
Requested by http://lilicamanequinsfiber.com.br/
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
GET /px.js?ch=1&abp=1 HTTP/1.1
Host: lilicamanequinsfiber.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Cookie: system=PW; caf_ipaddr=91.90.42.154; country=NO; city=""; traffic_target=gd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 08 Apr 2023 05:47:49 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Thu, 06 Apr 2023 01:33:01 GMT
ETag: "642e214d-1dc"
Accept-Ranges: bytes
Via: 1.1 google
lilicamanequinsfiber.com.br/px.js?ch=2&abp=1
34.102.136.180 200 OK 476 B URL GET HTTP/1.1 lilicamanequinsfiber.com.br/px.js?ch=2&abp=1
IP 34.102.136.180:80
Requested by http://lilicamanequinsfiber.com.br/
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
GET /px.js?ch=2&abp=1 HTTP/1.1
Host: lilicamanequinsfiber.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Cookie: system=PW; caf_ipaddr=91.90.42.154; country=NO; city=""; traffic_target=gd
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 08 Apr 2023 05:47:49 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Thu, 06 Apr 2023 01:33:01 GMT
ETag: "642e214d-1dc"
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash a017e60cf93d0e227f7ed6960b1b2462
f3b37e24f6561a237d72e99722a78d9f98361420
9f2d92adbe14ad77c1e24761ed49035ad165990f58aae83f49dfd7b54f267a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 05:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8840e12891fd28b583826691f05f8f76
5373346d606da309e60754ffffbef2f2be3a69ff
6e40fb85dadf1bb23ec142615822671eb07d20e279e70c386f5d678792456593
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 05:47:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js?abp=1
142.250.74.132 200 OK 56 kB URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1
IP 142.250.74.132:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint 32:55:D3:30:01:87:C1:43:56:A2:49:7D:77:5F:E1:F2:3C:04:60:E7
Validity Mon, 20 Mar 2023 08:26:32 GMT - Mon, 12 Jun 2023 08:26:31 GMT
Hash 2bc934081385026696e85d0e13b5fdfa
9cedc3304c927bf27baa0be7f672d1c074796bf6
d01a157e3b600dba07ed734e05b2c1e348fb3146021b51755e6287b49930efb6
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 08 Apr 2023 05:47:49 GMT
expires: Sat, 08 Apr 2023 05:47:49 GMT
cache-control: private, max-age=3600
etag: "1682913448459385544"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/parking/landers/lilicamanequinsfiber.com.br?trafficTarget=gd&abp=1
18.235.167.98 200 OK 0 B URL GET HTTP/2 api.aws.parking.godaddy.com/v1/parking/landers/lilicamanequinsfiber.com.br?trafficTarget=gd&abp=1
IP 18.235.167.98:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer GoDaddy.com, Inc.
Subject *.aws.parking.godaddy.com
Fingerprint E7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
Validity Tue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/parking/landers/lilicamanequinsfiber.com.br?trafficTarget=gd&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://lilicamanequinsfiber.com.br/
Origin: http://lilicamanequinsfiber.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 08 Apr 2023 05:47:50 GMT
content-length: 0
set-cookie: AWSALB=S/Q79tdndtn1mgSUpWSCpPw7VAbxFJJ5VlUMS482Yu/oSB6IJKm+8IZ+blDrEdNK/usQ/bfE8nnSKLKBb2Vxf73bO1EK7OGuJZ7fRQ/OHgqVpZSScrSIUvlnMAXB; Expires=Sat, 15 Apr 2023 05:47:50 GMT; Path=/
AWSALBCORS=S/Q79tdndtn1mgSUpWSCpPw7VAbxFJJ5VlUMS482Yu/oSB6IJKm+8IZ+blDrEdNK/usQ/bfE8nnSKLKBb2Vxf73bO1EK7OGuJZ7fRQ/OHgqVpZSScrSIUvlnMAXB; Expires=Sat, 15 Apr 2023 05:47:50 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://lilicamanequinsfiber.com.br
access-control-max-age: 600
x-request-id: uHrrnRq0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24 1.8 kB IP 192.124.249.24:0
Hash a1491eb62672ac03ade1c6cc8f3944ac
1664a6d23f9b0f7f81e90774c9b65cc55d15756c
743d038dae196bb049dbf830897d732e1aedd5a4db0ee5fd46ba6c01f1a7983c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 08 Apr 2023 05:47:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 07 Apr 2023 21:20:53 GMT
Expires: Sat, 08 Apr 2023 21:20:53 GMT
ETag: "1664a6d23f9b0f7f81e90774c9b65cc55d15756c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.aws.parking.godaddy.com/v1/parking/landers/lilicamanequinsfiber.com.br?trafficTarget=gd&abp=1
18.235.167.98 200 OK 884 B URL GET HTTP/2 api.aws.parking.godaddy.com/v1/parking/landers/lilicamanequinsfiber.com.br?trafficTarget=gd&abp=1
IP 18.235.167.98:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer GoDaddy.com, Inc.
Subject *.aws.parking.godaddy.com
Fingerprint E7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
Validity Tue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
File type JSON data, ASCII text, with very long lines (883)
Hash 8e2fe14cc6071ac6019d6f3051bd13b1
7f760c831450db35ce2c9d069ca9f02cb2766a79
e9c21fe8d96d03d948615dde2fadf1809f35c448eed858273852b6390697db8e
GET /v1/parking/landers/lilicamanequinsfiber.com.br?trafficTarget=gd&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lilicamanequinsfiber.com.br/
X-Request-Id: 8bc4d24a-eaa0-47cf-a04b-427ca1bae80e
Origin: http://lilicamanequinsfiber.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Apr 2023 05:47:50 GMT
content-type: application/json
content-length: 884
set-cookie: AWSALB=hej8BOgsNI0QcaDymIvxZIkbQW1NnXRO+HKuIHy/gkg7NGrnxJ+CyJcpZYasga62MzaPKwvby0PuPhVQ33sQ36Xd5SMyBa8WyyDAJJ3UwSAgAgj89F7oYpCrmNZ9; Expires=Sat, 15 Apr 2023 05:47:50 GMT; Path=/
AWSALBCORS=hej8BOgsNI0QcaDymIvxZIkbQW1NnXRO+HKuIHy/gkg7NGrnxJ+CyJcpZYasga62MzaPKwvby0PuPhVQ33sQ36Xd5SMyBa8WyyDAJJ3UwSAgAgj89F7oYpCrmNZ9; Expires=Sat, 15 Apr 2023 05:47:50 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://lilicamanequinsfiber.com.br
access-control-max-age: 600
x-request-id: 8bc4d24a-eaa0-47cf-a04b-427ca1bae80e
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 3aca5143075ba261b31f295c25bd0667
11bfc401d88a3b1b1151f85e00b7de30fadb353f
9c3b8ddc2dfc2df2ce533492b77e6222c25312d4384cdf74e0d94059861f1e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 05:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/ads?adsafe=low&adtest=off&psid=7949183650&pcsa=false&channel=non-expiry&domain_name=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&r=m&rpbu=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&type=3&uiopt=true&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8321680932870608&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680932870610&u_w=1280&u_h=1024&biw=1280&bih=917&psw=1280&psh=400&frm=0&cl=521491932&uio=-&cont=relatedLinks&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&adbw=master-1%3A854
142.250.74.132 200 OK 2.0 kB URL GET HTTP/3 www.google.com/afs/ads?adsafe=low&adtest=off&psid=7949183650&pcsa=false&channel=non-expiry&domain_name=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&r=m&rpbu=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&type=3&uiopt=true&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8321680932870608&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680932870610&u_w=1280&u_h=1024&biw=1280&bih=917&psw=1280&psh=400&frm=0&cl=521491932&uio=-&cont=relatedLinks&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&adbw=master-1%3A854
IP 142.250.74.132:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
Validity Mon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (5080)
Hash 5da296a45070b57591187419636cdb9f
0d2d27a1db65d5ee5237458a6ab1bbae1f7ffb0d
c50626176e18903f570ca5336a38ca32c5480597992dfb24bee83109adeddb9c
GET /afs/ads?adsafe=low&adtest=off&psid=7949183650&pcsa=false&channel=non-expiry&domain_name=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&r=m&rpbu=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&type=3&uiopt=true&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8321680932870608&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680932870610&u_w=1280&u_h=1024&biw=1280&bih=917&psw=1280&psh=400&frm=0&cl=521491932&uio=-&cont=relatedLinks&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&adbw=master-1%3A854 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 08 Apr 2023 05:47:50 GMT
expires: Sat, 08 Apr 2023 05:47:50 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-QO3mjWmwSKElkspOOX09Ow' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2040
x-xss-protection: 0
set-cookie: CONSENT=PENDING+961; expires=Mon, 07-Apr-2025 05:47:50 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
partner.googleadservices.com/gampad/cookie.js?domain=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&product=SAS&callback=__sasCookie
142.250.74.98 200 OK 252 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&product=SAS&callback=__sasCookie
IP 142.250.74.98:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Google Trust Services LLC
Subject *.googleadservices.com
Fingerprint BB:4C:F1:93:30:6E:E2:2F:8F:BE:5D:63:30:E3:52:49:63:DE:D3:2C
Validity Mon, 20 Mar 2023 08:24:17 GMT - Mon, 12 Jun 2023 08:24:16 GMT
File type ASCII text, with very long lines (394), with no line terminators
Hash 530c3280cb1b8adbbea5c6d710942877
b7f925ff2ed4ab2590429f2346d5949d760c7486
02149dc7e390cb980def9811b46ebf5aff02f262ff362f479fd6975223c1228d
GET /gampad/cookie.js?domain=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 08 Apr 2023 05:47:50 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 3aca5143075ba261b31f295c25bd0667
11bfc401d88a3b1b1151f85e00b7de30fadb353f
9c3b8ddc2dfc2df2ce533492b77e6222c25312d4384cdf74e0d94059861f1e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 05:47:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d92cc9ee049e85fd50d672fd1294ab36
f281e2d385f42bce8cfdb33de39c4c10a0ce53d6
654cdcba9929121098bb116f3889c51096510dff6b245406b26f52b809582f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 05:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
142.250.74.97 200 OK 272 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=7949183650&pcsa=false&channel=non-expiry&domain_name=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&r=m&rpbu=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&type=3&uiopt=true&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8321680932870608&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680932870610&u_w=1280&u_h=1024&biw=1280&bih=917&psw=1280&psh=400&frm=0&cl=521491932&uio=-&cont=relatedLinks&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&adbw=master-1%3A854
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 8E:EA:87:FA:FF:46:6E:7F:92:1B:9F:3C:2C:8E:4D:FD:4F:C8:3D:0E
Validity Mon, 20 Mar 2023 08:25:52 GMT - Mon, 12 Jun 2023 08:25:51 GMT
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (390)
Hash bbbac37f0b6e29a6099e4aa7cb19d6ca
0acafe95e2141f0af6109203efeb2d98e6b926c6
a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 07 Apr 2023 11:05:44 GMT
expires: Sat, 08 Apr 2023 10:05:44 GMT
cache-control: public, max-age=82800
age: 67327
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d92cc9ee049e85fd50d672fd1294ab36
f281e2d385f42bce8cfdb33de39c4c10a0ce53d6
654cdcba9929121098bb116f3889c51096510dff6b245406b26f52b809582f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 05:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
18.235.167.98 200 OK 0 B URL POST HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP 18.235.167.98:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer GoDaddy.com, Inc.
Subject *.aws.parking.godaddy.com
Fingerprint E7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
Validity Tue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://lilicamanequinsfiber.com.br/
Origin: http://lilicamanequinsfiber.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Apr 2023 05:47:51 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=zAM4VyYm1RTOusWYMtLpPYMqeZANUNNDRo5fE4eJYrby2elbfNMoYSME7x6r64y5zYrKXhV+rvQQRULmc7Rex63oDK2/gPxP+/Z05ZwFooSHuGL0LRMXA+E4I8xA; Expires=Sat, 15 Apr 2023 05:47:51 GMT; Path=/
AWSALBCORS=zAM4VyYm1RTOusWYMtLpPYMqeZANUNNDRo5fE4eJYrby2elbfNMoYSME7x6r64y5zYrKXhV+rvQQRULmc7Rex63oDK2/gPxP+/Z05ZwFooSHuGL0LRMXA+E4I8xA; Expires=Sat, 15 Apr 2023 05:47:51 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.97 200 OK 174 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.97:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=7949183650&pcsa=false&channel=non-expiry&domain_name=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&r=m&rpbu=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&type=3&uiopt=true&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8321680932870608&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680932870610&u_w=1280&u_h=1024&biw=1280&bih=917&psw=1280&psh=400&frm=0&cl=521491932&uio=-&cont=relatedLinks&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&adbw=master-1%3A854
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 8E:EA:87:FA:FF:46:6E:7F:92:1B:9F:3C:2C:8E:4D:FD:4F:C8:3D:0E
Validity Mon, 20 Mar 2023 08:25:52 GMT - Mon, 12 Jun 2023 08:25:51 GMT
File type SVG Scalable Vector Graphics image, ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 08 Apr 2023 00:53:37 GMT
expires: Sat, 08 Apr 2023 23:53:37 GMT
cache-control: public, max-age=82800
age: 17654
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash d92cc9ee049e85fd50d672fd1294ab36
f281e2d385f42bce8cfdb33de39c4c10a0ce53d6
654cdcba9929121098bb116f3889c51096510dff6b245406b26f52b809582f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Apr 2023 05:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
18.235.167.98 200 OK 0 B URL POST HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP 18.235.167.98:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer GoDaddy.com, Inc.
Subject *.aws.parking.godaddy.com
Fingerprint E7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
Validity Tue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lilicamanequinsfiber.com.br/
Content-Type: application/json
Content-Length: 698
Origin: http://lilicamanequinsfiber.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Apr 2023 05:47:51 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=jDQH70qdZxM3wTygYLzWcQSpbbKzWNuvXwv24m0UWswye1n3lnl4ZJKTnucf7hoGWx+5MZmOsG79C6z1bmKmrw/s3cUXNQ46CramSBCwwRJcYKQuiljYTmIfpXQp; Expires=Sat, 15 Apr 2023 05:47:51 GMT; Path=/
AWSALBCORS=jDQH70qdZxM3wTygYLzWcQSpbbKzWNuvXwv24m0UWswye1n3lnl4ZJKTnucf7hoGWx+5MZmOsG79C6z1bmKmrw/s3cUXNQ46CramSBCwwRJcYKQuiljYTmIfpXQp; Expires=Sat, 15 Apr 2023 05:47:51 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/afs/gen_204?client=dp-godaddy1_xml&output=uds_ads_only&zx=yw5peqqb5ukh&aqid=BgAxZIC1MZWyywWfobD4DA&psid=7949183650&pbt=bs&adbx=246&adby=279&adbh=299&adbw=788&adbah=92%2C92%2C92&adbn=master-1&eawp=partner-dp-godaddy1_xml&errv=521491932&csala=4%7C0%7C266%7C51%7C190&lle=0&llm=1000&ifv=1&usr=1
142.250.74.132 204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-godaddy1_xml&output=uds_ads_only&zx=yw5peqqb5ukh&aqid=BgAxZIC1MZWyywWfobD4DA&psid=7949183650&pbt=bs&adbx=246&adby=279&adbh=299&adbw=788&adbah=92%2C92%2C92&adbn=master-1&eawp=partner-dp-godaddy1_xml&errv=521491932&csala=4%7C0%7C266%7C51%7C190&lle=0&llm=1000&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
Validity Mon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-godaddy1_xml&output=uds_ads_only&zx=yw5peqqb5ukh&aqid=BgAxZIC1MZWyywWfobD4DA&psid=7949183650&pbt=bs&adbx=246&adby=279&adbh=299&adbw=788&adbah=92%2C92%2C92&adbn=master-1&eawp=partner-dp-godaddy1_xml&errv=521491932&csala=4%7C0%7C266%7C51%7C190&lle=0&llm=1000&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-tGXXmRiVWY4CnPP5j17lzw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 08 Apr 2023 05:47:52 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=mZDZJR-tSfWLiITQBXuJSv0rg0SJgqCw1K5bLXK3nHKo3WOhgtbidwK0HEyc1XBsv-hNVtagw2IH3zlLganZX-_0DmIH4z0Flbg0K5JKD_3MJLGQP7xLy2QE2jHu5EnAXgRJeCZEDihvb3bu9BGepi0R775KeNH7FIvnTGqQrRU; expires=Sun, 08-Oct-2023 05:47:52 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+517; expires=Mon, 07-Apr-2025 05:47:52 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-godaddy1_xml&output=uds_ads_only&zx=5h96awfxkrka&aqid=BgAxZIC1MZWyywWfobD4DA&psid=7949183650&pbt=bv&adbx=246&adby=279&adbh=299&adbw=788&adbah=92%2C92%2C92&adbn=master-1&eawp=partner-dp-godaddy1_xml&errv=521491932&csala=4%7C0%7C266%7C51%7C190&lle=0&llm=1000&ifv=1&usr=1
142.250.74.132 204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-godaddy1_xml&output=uds_ads_only&zx=5h96awfxkrka&aqid=BgAxZIC1MZWyywWfobD4DA&psid=7949183650&pbt=bv&adbx=246&adby=279&adbh=299&adbw=788&adbah=92%2C92%2C92&adbn=master-1&eawp=partner-dp-godaddy1_xml&errv=521491932&csala=4%7C0%7C266%7C51%7C190&lle=0&llm=1000&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://lilicamanequinsfiber.com.br/
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
Validity Mon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-godaddy1_xml&output=uds_ads_only&zx=5h96awfxkrka&aqid=BgAxZIC1MZWyywWfobD4DA&psid=7949183650&pbt=bv&adbx=246&adby=279&adbh=299&adbw=788&adbah=92%2C92%2C92&adbn=master-1&eawp=partner-dp-godaddy1_xml&errv=521491932&csala=4%7C0%7C266%7C51%7C190&lle=0&llm=1000&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://lilicamanequinsfiber.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Tly6yS1YZyBjfNK7Uo8FPg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sat, 08 Apr 2023 05:47:53 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=G78tzN7HCNirXr4nyOVc00YtrJSTH1GU7Wod9aKzFtr071FVgKpguaL_HfAcEFvq0jGMA4TJgwVRL_vbakvUE0w9JkREdchxiCtmtx3fggH6YkujeKuUn5qATnbDSHJtRKmTknd4xvruduC5lSiGjy2b4GWqnRV6Slezjiv_Wgk; expires=Sun, 08-Oct-2023 05:47:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+000; expires=Mon, 07-Apr-2025 05:47:53 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/adsense/domains/caf.js
142.250.74.132 200 OK 148 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=7949183650&pcsa=false&channel=non-expiry&domain_name=lilicamanequinsfiber.com.br&client=dp-godaddy1_xml&r=m&rpbu=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&type=3&uiopt=true&swp=as-drid-oo-1885714186540894&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r3&nocache=8321680932870608&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1680932870610&u_w=1280&u_h=1024&biw=1280&bih=917&psw=1280&psh=400&frm=0&cl=521491932&uio=-&cont=relatedLinks&jsid=caf&jsv=521491932&rurl=http%3A%2F%2Flilicamanequinsfiber.com.br%2F&adbw=master-1%3A854
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BC:12:A9:4C:44:2A:9A:A2:F3:90:FC:9B:BD:52:91:4C:61:A4:7C:CD
Validity Mon, 20 Mar 2023 08:22:16 GMT - Mon, 12 Jun 2023 08:22:15 GMT
File type ASCII text, with very long lines (2193)
Size 148 kB (148196 bytes)
Hash 3cd07944a833f189feeb7870cedd0b8a
a72b1abfdd566c2a72ec85949778c2c9b902bc2e
1cc09846258fa585312e0a7290036ee238c8d235f7758f909b32e6958e2f5d76
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 08 Apr 2023 05:47:51 GMT
expires: Sat, 08 Apr 2023 05:47:51 GMT
cache-control: private, max-age=3600
etag: "953786019220193827"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000