r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2977
Expires: Mon, 20 Mar 2023 22:51:21 GMT
Date: Mon, 20 Mar 2023 22:01:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Mon, 20 Mar 2023 22:39:06 GMT
Date: Mon, 20 Mar 2023 22:01:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3534
Expires: Mon, 20 Mar 2023 23:00:39 GMT
Date: Mon, 20 Mar 2023 22:01:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 21:14:55 GMT
content-type: application/json
age: 2810
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s2/NMK4StZgH3zohQ4J/XaOkC3ugFy+6NTG6GLJT24InB9PV/H6NFWhv8H7Hh/ms1BuC4bD41kSeRn5bNurvUA==
x-amz-request-id: APR2Z7ZD1Q7AQWGS
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 21:58:51 GMT
age: 174
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
82.180.135.215301 Moved Permanently 707 B URL HTTP/1.1 crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
IP 82.180.135.215:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 20 Mar 2023 22:01:37 GMT
server: LiteSpeed
location: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
platform: hostinger
content-security-policy: upgrade-insecure-requests
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 22:01:45 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 21:17:21 GMT
age: 2664
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3462d41d9283fedf24f278089d5d1570
b8bcea77656f775cdc34620322cc616216ed2b95
55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3039
Expires: Mon, 20 Mar 2023 22:52:24 GMT
Date: Mon, 20 Mar 2023 22:01:45 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.247.157101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.247.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 44UnnYhmFQ9ZEQhhhSn0fw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eQXZMb4BUTXEhlO3/lQIx0hblEM=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Mon, 20 Mar 2023 23:45:12 GMT
Date: Mon, 20 Mar 2023 22:01:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Mon, 20 Mar 2023 23:45:12 GMT
Date: Mon, 20 Mar 2023 22:01:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Mon, 20 Mar 2023 23:45:12 GMT
Date: Mon, 20 Mar 2023 22:01:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Mon, 20 Mar 2023 23:45:12 GMT
Date: Mon, 20 Mar 2023 22:01:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Mon, 20 Mar 2023 23:45:12 GMT
Date: Mon, 20 Mar 2023 22:01:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:14:44 GMT
age: 85623
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xfkObFQbeYQQjIJ4FWQ7xKbH5FPxBQ1vkTDCwWCM6IcAAu8H31BNhQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:04:48 GMT
age: 53819
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1533684819dcbf9e77684c19eb86465
489f8f036efd23ce36085af127af7d6c794fe00b
9154a471013bd0972fad93ea4eeaf4b23f66dd1534e0d9cc302263aca0f94bd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd8451-f062-4a29-9566-2fa60e012de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12424
x-amzn-requestid: 64a89fbe-4ac0-4059-a481-37c30ae36928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eOuEG2oAMF1Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd91-0492160f3e8196a23fc53eda;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tx--67yg-v6sA1zslsl2iUXzLbdnWhU-cMqTDpxldZg-qog8-urKcA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 08:59:45 GMT
age: 46922
etag: "489f8f036efd23ce36085af127af7d6c794fe00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 02HknfEEVW-DU3f3sOQgfs_eL48pvEgV4ft__uRLXOFlDO5qX5tDsQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:55:31 GMT
age: 376
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6645ef8b7e2b10326cc1cb7c76f82769
cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced
1076fa495f0b7cc23922f64cc6a6f596de9a6f08ea7549eef785d804db0be7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8189
x-amzn-requestid: 3815c61d-6d05-4794-bd9a-d417d1270527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqgGsdIAMFi6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6af86b2a21b89d38559ca754;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 615Du8dUBpZq6He1j_lB3Jl8nVFhWYBVO6qfBcFwcGIlpjDMMLXQUg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:51 GMT
age: 85556
etag: "cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5aa79770d71507827e79149031b5cf
338ee74f53fac2b19a90981bc4b02a3c3722a1fa
81df6f2312df6e488ae91c172ecf872d694497ffe80500f71eb97e6c06ff5f5f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1c8c491-aa6d-4268-a72a-1f4233962425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: dfaf4924-b8c3-4b6b-a079-7c3903fdf4fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVjGJyIAMFS9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f56-6379351b215dc2d9638de9ea;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XYA6F9VzUqxozJS4OsX-TKy81mOHUB7N6L7rkCaQJmXe5n-a_Zce-Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:15:51 GMT
age: 85556
etag: "338ee74f53fac2b19a90981bc4b02a3c3722a1fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
82.180.135.215200 OK 3.8 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
IP 82.180.135.215:0
Hash c4fcd274dcbc80d5d41e71ff809e33da
e3471a26064fec6649baba92f5e8e6b2ce6b2064
eed5817d9fb02d5de6e56a874d79894ce2b025682fd93baa86ac955892dd3f4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "555a-5f4e9718-d8e5fdaa177b14aa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3773
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/css/esf-custom-fonts.css?ver=5.8.6
82.180.135.215200 OK 462 B URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/css/esf-custom-fonts.css?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (1861), with no line terminators
Hash 23751a070fab3986f162f802faf67648
b8c464c3fd116c3d20352b33ceea2bc2c480ba2d
0af7a95dd246037ee6efb4cf09cd378b043780c15efecb5664ccc35db35f67ca
GET /wp-content/plugins/easy-facebook-likebox/frontend/assets/css/esf-custom-fonts.css?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "745-620c02e7-43898c248ae78ae;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 462
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/esf-free-popup.css?ver=6.3.3
82.180.135.215200 OK 1.7 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/esf-free-popup.css?ver=6.3.3
IP 82.180.135.215:0
Hash 8de78d334c2b16e8b60122b2e481532d
6274b0fbc67fa90b69ce083197c0200bbfbc2032
72e5ee15cd5b638575543d56d3827f5d00814d7d22f48e53a60497de4c1c343d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/esf-free-popup.css?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "20de-620c02e7-6e23dc3ac1b37e27;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1742
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
82.180.135.215200 OK 4.9 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
IP 82.180.135.215:0
File type ASCII text, with very long lines (30236), with no line terminators
Hash 48f589f8536e4c3190fa64b8256ec3a7
fd4b2dc9047bdca5b14916d428916f96cc41fc79
4e2b2ea09f6bb6c116885abd451e498d86c088d8e4c91dbbe9484369751c21f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:32 GMT
etag: "761c-620c02dc-c5e60699e40eb342;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4912
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/easy-facebook-likebox-frontend.css?ver=6.3.3
82.180.135.215200 OK 32 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/easy-facebook-likebox-frontend.css?ver=6.3.3
IP 82.180.135.215:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d603dde2e156132339747cb776c4be65
d77f1bb6efc40f11a4c960b4d32b536e41ad315f
40cdad8f2f51b44ae8993fa900a76904965e12118361c49d780ccffd47ee435d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/easy-facebook-likebox-frontend.css?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "93539-620c02e7-e763854647435b3b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31811
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/themes/Avada/assets/css/style.min.css?ver=7.0.2
82.180.135.215200 OK 18 kB URL HTTP/2 crissallesterapias.com.br/wp-content/themes/Avada/assets/css/style.min.css?ver=7.0.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 50ed074d489ee2eced5e9b1273027f90
b5df3dc99b940286a99c91cbb44e2cca66709022
98acfd3dcaa6168497731b1fa1a990bef720f00e334d041dc5fc72ae71db90ff
GET /wp-content/themes/Avada/assets/css/style.min.css?ver=7.0.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Wed, 12 Aug 2020 17:27:12 GMT
etag: "1a1aa-5f342670-f46a555d16ff0daa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18384
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/css/esf-insta-frontend.css?ver=5.8.6
82.180.135.215200 OK 32 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/css/esf-insta-frontend.css?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a34c5f3bc4d232f9c7a30dfd805c0ef2
77f979ee6f6ad7983ad7cae3ba3cab11650a2d8c
eed4ef64ef3978a65c0b29d7d0fa6b30d321ecb9a4e2533d54997dc7145d1c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/css/esf-insta-frontend.css?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "a7aff-620c02e7-8af0321f000c8a16;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32092
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/uploads/2020/09/Logo-3.png
82.180.135.215200 OK 54 kB URL HTTP/2 crissallesterapias.com.br/wp-content/uploads/2020/09/Logo-3.png
IP 82.180.135.215:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4127b7b2cd38098901f539a1801043df
4d69643476d58ba8765c0071fcb72c1cc66e0dd3
b13afdd1de3453270e3adc1e437b7cf7a8f062f3c7a1dbffbfbaed46e0a71ace
GET /wp-content/uploads/2020/09/Logo-3.png HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: image/png
last-modified: Mon, 14 Sep 2020 18:50:10 GMT
etag: "d2e5-5f5fbb62-fdc75b5db259cf48;;;"
accept-ranges: bytes
content-length: 53989
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
82.180.135.215200 OK 4.0 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (11126)
Hash 4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "2bd8-618e6f85-3c1be1e98ebdb36d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
82.180.135.215200 OK 3.1 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
IP 82.180.135.215:0
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash e27c54db8379c779d5ef89497ab5c08d
fff3aacc11fae7e0efde0f102c78680b070851f7
f6249f32d365a41a05562dfb2e714bab8ea87ef3eee8c5dd0ea32e8eddfdd272
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "5513-5f4e9718-f8ff314137da8050;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3060
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/public.js?ver=6.3.3
82.180.135.215200 OK 1.3 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/public.js?ver=6.3.3
IP 82.180.135.215:0
Hash 9f456cd75e2acd304fb0b31c26e3c65d
cc3034fdd8a690ce200c70d12dd71bb192d7bf9c
682ac1859f219ac4a6987d48f8b6b8f3fc85f4bbfc240cbfb3ab447085d41242
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/public.js?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "1104-620c02e7-a7112abc057d5eef;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1267
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/js/imagesloaded.pkgd.min.js?ver=5.8.6
82.180.135.215200 OK 1.7 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/js/imagesloaded.pkgd.min.js?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (5477)
Hash 026558691b2cd955e760117c2c4ac4c7
46d628c4ac4aafef0a1afe281c584cb706494f07
3eafbab43f4eb594b838ee220b33f6e04628d4e41b18ca22b85452ec38265a9a
GET /wp-content/plugins/easy-facebook-likebox/frontend/assets/js/imagesloaded.pkgd.min.js?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "15da-620c02e7-a0dbdda6296ad842;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1703
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/js/esf-insta-public.js?ver=1
82.180.135.215200 OK 2.1 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/js/esf-insta-public.js?ver=1
IP 82.180.135.215:0
Hash 59dcdde3b4a6e334e595a55a77c50758
073f6fbaa8c785492c8054b020b3a16b06a04902
62fb10715c1bc8bdf90f2fad5f41b1f7eec9c9834e2d75bb13a43a4e6f3429cf
GET /wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/js/esf-insta-public.js?ver=1 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "2817-620c02e7-2ffb3aa09a3c9270;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2131
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
82.180.135.215200 OK 2.3 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 82.180.135.215:0
File type ASCII text, with very long lines (6406), with no line terminators
Hash 7288c3b6110b68ddcfa671616c0f65a9
77b4120510330292b9260984949f62925a5fd96a
bc6dd499d1b5713241c49a47259a152fc27cf1e08556c6fb1106441f935ed63c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "1906-618e6f85-e46c551fd88d89a2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2297
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
82.180.135.215200 OK 3.1 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
IP 82.180.135.215:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 572dfe0c0e724972d273f13ee3f30c4b
45c5e38616ee1fd31058436b8a06510bec824c34
086b69b7873782382e61c92cbcbdc96c8b712100865d5efebf9dde6071337cb0
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:37 GMT
etag: "25f8-620c02e1-1dad7af0581539c9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3053
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/wp-embed.min.js?ver=5.8.6
82.180.135.215200 OK 665 B URL HTTP/2 crissallesterapias.com.br/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (1391)
Hash 700e04ed36d1ee217654e5413b3053eb
6bcee89f9a8722e90842fcbfc99b1c791477a434
5090971ff1192cf479176187926b296a4f3eff2995e3b0d35c63ae8d2febc133
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "592-618e6f85-c5ccda8d7621f0f6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 665
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
82.180.135.215200 OK 30 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 82.180.135.215:0
File type ASCII text, with very long lines (65447)
Hash 63373db5c13254717674a1af4cd88aa2
21a1962ab8597d9066640a7157a41370341ff0cf
d883f77be0299ddb715175908b03076554287b13f87570369fb58adeade16891
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "15db1-618e6f85-4b8a3608fb1ad277;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30027
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/esf-free-popup.min.js?ver=6.3.3
82.180.135.215200 OK 7.3 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/esf-free-popup.min.js?ver=6.3.3
IP 82.180.135.215:0
File type ASCII text, with very long lines (21009), with no line terminators
Hash 168e82881b60e1f6509a5cda7a6a6bc6
b0cb30afea9ccc28236a9f27910d7c13cbc0be37
8343fdc2921a088ea1178bddae2f20622e5042e8097ac7b49728ce2e81995b2e
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/esf-free-popup.min.js?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "5211-620c02e7-b469a6585e68eee3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7292
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
82.180.135.215200 OK 40 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (65315)
Hash a714f070c15eafe206109557af7c88f8
15f560f197d97006382851eb027019c9fbcf1087
438b2aa9fa42187d959097eb3e9fa73b2dcc0531ef51394fd4b5c94eb7c5e413
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "1e065-5f4e9718-984556ecb1931264;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 40363
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
82.180.135.215200 OK 45 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (65322)
Hash 32aba52494d506e8ff5045e7892d48b4
fb5e25cd34d67c0f969e27175741cc26ad93cb0e
1b30f7692fac7532137d64605bb23f6cf817f60d81d27f52a20eb33b1c5ebac8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "1f7f2-5f4e9718-4560477519cd1235;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45254
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
82.180.135.215200 OK 12 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
IP 82.180.135.215:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash ae25056e9432cde17c0285f4d8c7cb92
7ead50c0a2ecf4456294a8a5a014be5adcaa10a2
55e6dbd7b65c9385b92713eeb57a69695d46b87db1a6978348dd9441796864cd
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 14:47:40 GMT
etag: "e152-618e7e8c-dc7bee837455ff5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11615
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
82.180.135.215200 OK 5.8 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 82.180.135.215:0
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash dcbde1701851530dc07c731e8d94ba5b
7835aff97a0e828ec376c1ab67bd2ffd566dfecf
6a8702b337918153d65eaf65cf69c0e940596c9796dda75d7d3b2346ffa7ae38
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "4056-618e6f85-e34a43c2434a970b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5769
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9
82.180.135.215200 OK 45 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9
IP 82.180.135.215:0
File type ASCII text, with very long lines (42889)
Hash 80708d4f5f3f3e1d043a08388c52c93f
7467acc7a7bd01694487c683345558ba8b7b02ae
ebbdf2719ae1a964c2e0ebb518fcf7daf1afded21708a872fb7ea418f4f787da
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 14:47:41 GMT
etag: "1e4e6-618e7e8d-80d089a9bea111e0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45190
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
82.180.135.215200 OK 94 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
IP 82.180.135.215:0
File type ASCII text, with very long lines (64288)
Hash 5301e582e332a83fe5b770c1f2956625
8bfdc41b2b403f92fb3ae13ff816e837b6698e96
3b729cbfde12b4fee9bc76fe70649a65525aebcfbfa693fee31b0d71a956a03d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 14:47:41 GMT
etag: "5d1fc-618e7e8d-5becad1a5bcb0bba;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 94254
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
82.180.135.215200 OK 4.5 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (15224)
Hash 9336a67615b8765497b6efb3b0ce86af
8e9f93d0e91889a28040f9f8f8d2acf71a0acdbb
4834743cf8467e0159799d7c291fe7ef0db3d96323b60fe1bccdaa7d932a7de3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "4705-618e6f85-fd66fab1a0a3696d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4499
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-admin/admin-ajax.php?action=esf-insta-customizer-style&ver=5.8.6
82.180.135.215200 OK 1.2 kB URL HTTP/2 crissallesterapias.com.br/wp-admin/admin-ajax.php?action=esf-insta-customizer-style&ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (672)
Hash 0ff976df48cf785ae8d74b0222bc8e24
3e4b26143e281000c6a3a139ef1c2290c1db6ca3
735eb1595a64c2cb9dd9b7b6bdc7fbac7aba52c90cbe18a5abb677e7dacd4b48
GET /wp-admin/admin-ajax.php?action=esf-insta-customizer-style&ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-type: text/css; charset: UTF-8;charset=UTF-8
x-litespeed-cache-control: no-cache
content-length: 1166
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:01:42 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qO0g.woff
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qO0g.woff
IP 142.250.74.163:0
File type Web Open Font Format, TrueType, length 24652, version 1.1\012- data
Hash 05f626acd9d659f295d71fec7d1fe8b2
19a440d9ac08d72f4621777708a885b07e31a3e0
386751a38b8b78b87c846fee21dabb153d2884b21d622d61f7d6dc6a2fac854f
GET /s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qO0g.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 11:37:34 GMT
expires: Tue, 19 Mar 2024 11:37:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:13:15 GMT
content-type: font/woff
age: 37456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff
IP 142.250.74.163:0
File type Web Open Font Format, TrueType, length 22980, version 1.1\012- data
Hash f2a7709803facad3132b46b739548369
7ae29ea1cc9e76acc69877d118fa5d4d61465b59
ca71ae7855c81379852da88328a11f97646e1aa1d38683c633c1d9dd28468355
GET /s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 15:21:47 GMT
expires: Mon, 18 Mar 2024 15:21:47 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:06:11 GMT
content-type: font/woff
age: 110403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff
IP 142.250.74.163:0
File type Web Open Font Format, TrueType, length 23776, version 1.1\012- data
Hash d5bc013806eeb7a073a0bff72b30af25
842175feb1e4f382d6982549cea166881a2b2632
8fd06f18e68aac35621698582f2ab34911e159ffb0231280e5b083f94e169096
GET /s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 20:38:43 GMT
expires: Fri, 15 Mar 2024 20:38:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:06:01 GMT
content-type: font/woff
age: 350587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtXK-F2qO0g.woff
142.250.74.163200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtXK-F2qO0g.woff
IP 142.250.74.163:0
File type Web Open Font Format, TrueType, length 26012, version 1.1\012- data
Hash 47ae52793947c7aeccd7b0a81dddfcc1
bc640986c90be068f66c496836f4745c45e35cd2
f561fac6b0ec7182f005dc2ab23a95e5a407ee2da178ffe71fa7c6585287441d
GET /s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtXK-F2qO0g.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26012
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 11:37:34 GMT
expires: Tue, 19 Mar 2024 11:37:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:18:18 GMT
content-type: font/woff
age: 37456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff
IP 142.250.74.163:0
File type Web Open Font Format, TrueType, length 23964, version 1.1\012- data
Hash 73cc56954f67bf7b1d9b786a7b58e1af
d6045eab1e92ae57be8954fbe613ad4b6342f24b
399ee57b8c0fc3639e7dd004f70256fa3efc5a7f25f6bd313dc6de58d6f123c5
GET /s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Mar 2023 12:59:20 GMT
expires: Wed, 13 Mar 2024 12:59:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:06:11 GMT
content-type: font/woff
age: 550950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2183
Cache-Control: max-age=141467
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:50 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 13:19:37 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pt_BR/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 534835a3016dd43f220e53b2002a3381
72fedf22243bf017817f479786ccc5de4564160a
83516a699601598b64b75c49a6fe12c8ee575f6c928a448a681ead2daa2d2037
GET /pt_BR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6f709d730bc5db96e90c2663e7b4e2d1
etag: "d109e276e3ebf12dd7bc830d837c9bd7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Mar 2023 22:11:35 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: U0g1owFt1D8iDlOyACozgQ==
x-fb-debug: KDU7KTEqQBFW1M36tBPXDI2ud9rQT7SpEeQc42UoDc6kzHSch5hQ/V0yidM5xmUY5+wLH4f9t+/1et0eJLgA8Q==
content-length: 1687
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2888
Cache-Control: max-age=142171
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:01:51 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 13:31:22 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/all.js?hash=aaed2f95408add26134e9315c833817e
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/pt_BR/all.js?hash=aaed2f95408add26134e9315c833817e
IP 31.13.72.12:0
File type ASCII text, with very long lines (18743)
Hash 404f8b3e6cc288ecd90988c12f75e5cb
e697c7352b0be6285254080e138a1ce4ab5a6c63
da00b431678019d061208b30641bd0069dda941a13dfc7643fa3e8bb83e59710
GET /pt_BR/all.js?hash=aaed2f95408add26134e9315c833817e HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9fd37c029612ac435c637be025b5263e
etag: "1248e1f807fbc26169d907cb3539612e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 19 Mar 2024 19:26:10 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: QE+LPmzCiOzZCYjBL3Xlyw==
x-fb-debug: Y/WRYlCSifPb+fFRjNJBg5qUxi+qRtdqYofYa2Evw3YxpGxPH+bCGk/RGmpKiVjBuUCFmtGOgfYgKvOH1v3e9w==
content-length: 86995
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=https%3A%2F%2Fcrissallesterapias.com.br%2Fsec01%2Fauth.php%3Fmd%3DAzsYcyjmLQXBqDSrCTOg%26AzsYcyjmLQXBqDSrCTOg&sdk=joey&wants_cookie_data=false
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=https%3A%2F%2Fcrissallesterapias.com.br%2Fsec01%2Fauth.php%3Fmd%3DAzsYcyjmLQXBqDSrCTOg%26AzsYcyjmLQXBqDSrCTOg&sdk=joey&wants_cookie_data=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=https%3A%2F%2Fcrissallesterapias.com.br%2Fsec01%2Fauth.php%3Fmd%3DAzsYcyjmLQXBqDSrCTOg%26AzsYcyjmLQXBqDSrCTOg&sdk=joey&wants_cookie_data=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crissallesterapias.com.br/
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://crissallesterapias.com.br
fb-s: unknown
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: y2pfill/YdfIxvpMsTBt+0Gm5R/OLBRvpI5Vin2Y/74LtiVoUOoviL4IYDoFBXZ4NubOgKoOPg1DA1MSamKBdw==
content-length: 0
date: Mon, 20 Mar 2023 22:01:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ZOmFQbnDQ4Q.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ZOmFQbnDQ4Q.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type assembler source, ASCII text, with very long lines (2642)
Hash 8025ffdc2ba210ef619d2f1151b1519c
f63ea909051fd74096a05686ad0ab38ba89be91b
01d19f13d09a53845e35b8e2ce65d6969b8b071c7feb38de2ba836095bce469c
GET /rsrc.php/v3/yc/l/0,cross/ZOmFQbnDQ4Q.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 18 Mar 2024 18:17:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: gCX/3CuiEO9hnS8RUbFRnA==
x-fb-debug: YCHCk8d4g2Ie9AnioCOmXHRXaXu1u/87Ohcnot7Kvoy2HR5VYwsO8J+xPXCUFtd1dXbBuza25/KoCxl1tthEWw==
content-length: 4680
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/wbsDCtYXM_i.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/wbsDCtYXM_i.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 1aa2dbc9be9cae82b7cf21872776efe1
2dcae683c78a38eb6dab1d1f700091fea467efc7
066173320f5267019109527a296941d85c6d54bfccd1bf832ea1f3999a86c8e5
GET /rsrc.php/v3/yW/l/0,cross/wbsDCtYXM_i.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 19 Mar 2024 17:19:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GqLbyb6croK3zyGHJ3bv4Q==
x-fb-debug: iU32SnckxyZp6CX/9nlPGigSkhWqW+pgRFtTMQx2b7mFLy5WoWu7cz/ym8bjT4bpO66UeeWD0TGA1ZFpU/Y3Ng==
content-length: 4828
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 14 Mar 2024 20:03:29 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: S1svguZPln2qvIaMAiLnDtrwxP/PpxVH6gF4fbK3KIksk1ZNDbmawHPZBc16n4FbgZJ+qLBaIXsknFxLFCwfug==
content-length: 830
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y_/r/cQ42bRjbU1L.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 83 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y_/r/cQ42bRjbU1L.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18631)
Hash 4aa36c44e7cafe4bc43791979b7a856d
942247a1751bdac1446171bd2a769f898089d9ab
5b17447d4bcada83bb7409346680d7c510820356d64d660c1067bde6ff4f581d
GET /rsrc.php/v3/y_/r/cQ42bRjbU1L.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Mar 2024 21:17:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: SqNsROfK/kvEN5GXm3qFbQ==
x-fb-debug: YLyPhcjGJ88xyYgUnhDb+RozsqCHkifWS8jytqyu2QHYq2NYF1SRv6VHx3WxPlqisdRCP20Hk7wMgXQfRB6XHA==
content-length: 83163
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yT/r/OJCMaWZXA92.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yT/r/OJCMaWZXA92.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 7b5d6f17d6a6871b29b0d08f6b5a4068
323d7d3de48389d16faeabbe00cd28bbd3977c59
3293ea0538ae7251b96682e5c9193a917cad8ad67308dbc317e54656905f9835
GET /rsrc.php/v3/yT/r/OJCMaWZXA92.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 17:00:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: e11vF9amhxspsNCPa1pAaA==
x-fb-debug: bVubqDcDt+K/YRcQvbx4NVM2IFMRmAIol+iuK6W/YIlwqkr6bqUCHpEjEyjhcWClheV2eB2NkEiClGXfZJtxUg==
content-length: 12463
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/_5YqHABAlvy.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yl/r/_5YqHABAlvy.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10442)
Hash 49828b77b18215a05ae94807e42fa52d
1ae9ad4908b1634a061636798a8f9d41d587eec4
ff250bc916f5deab1702dbfa4808f0c5192575bb5b5bf21a2fb47de126ecc1a4
GET /rsrc.php/v3/yl/r/_5YqHABAlvy.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 19 Mar 2024 16:05:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: SYKLd7GCFaBa6UgH5C+lLQ==
x-fb-debug: MVwRP00CmydejdmmIZ/i40FjHDhkRPhxTErWj0aLI2nNfTzd4aafB1YF766JbpGE9qbIqv50wIOUhslWqGngnw==
content-length: 16335
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yg/r/S16mcmorP4p.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 6.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yg/r/S16mcmorP4p.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (5850)
Hash 38ec81faa0f55eba594a5602d904bab4
576ae20a01979ac795eed03745227d51d3e73b5b
2bad066a04039beefc2fe98a3953135a77471e0b68eea069833ea8ebb3971fc4
GET /rsrc.php/v3/yg/r/S16mcmorP4p.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 21:10:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: OOyB+qD1XrpZSlYC2QS6tA==
x-fb-debug: 3PpW0GUqw2FgDni/WCA7n3kXOuz2jpGKd8rtwixt/fvp2RyBRmGqcQpzq7hOGrV63PCsKh4wn62Dp/b42HxxGA==
content-length: 6377
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 293 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 2f913d812811ef7e6fca30334c5972e2
d17caaa167443dc08696c672380f237e0db3fb02
ee8918a2f5d163099104b70f79065abc8fd309e69add57170546f2706956eef8
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 14 Mar 2024 17:24:09 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: L5E9gSgR735vyjAzTFly4g==
x-fb-debug: rKOnWG05Jp4jnHH4721GSRsWtJm9iMeVNfCYa1Sj2tor764c2A5Fz19wuwuxHAnSnSZxLJKNENZJsn6VJhkmMg==
content-length: 293
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y7/r/Gy_e8cS9uuZ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y7/r/Gy_e8cS9uuZ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8698)
Hash 653e6bb3111a1b777aa59244d9f20979
4f8c7ace6198f7afa31ce4b039621a2ca69dc5d7
3037408584f8820e2c8c1707428b74e5ce388a03211662f4d3df7c43e3727621
GET /rsrc.php/v3/y7/r/Gy_e8cS9uuZ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Mar 2024 21:10:45 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: ZT5rsxEaG3d6pZJE2fIJeQ==
x-fb-debug: hOx36q8VUogFGBKvc012YkUoqQHWSo/qRqmM+yyCdZ24qk5z6iIsocQvyTeIPHeqEIRp694W18NmUzjhiR+B9w==
content-length: 16399
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (15192)
Hash 3524f4254a26691461283cd1b6a7d5a1
1089de0ce74ead6c993ee1e55bc13029fc4b4d08
ac6e4f47d63153eab3a33685e38ae2cafe583c9519f80da2793649857f32eb72
GET /rsrc.php/v3/y9/r/zTAcZgbV8nB.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 22:15:53 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: NST0JUomaRRhKDzRtqfVoQ==
x-fb-debug: DflqTTTbWqkigcxLYlhRqDVjuqZwFm7n5ZyLs5knLC76F6r13KCjCuT+9DgasWQwTbxKSsiF31p03CZGdeCP4g==
content-length: 16144
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ika84/yy/l/pt_BR/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 9.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ika84/yy/l/pt_BR/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5962)
Hash 54af1c08124766e17c274363f887f6b0
525e991e9c71d10207f7706ba24152ef86a9d134
e01dab298f13b10b65ddf4a42f29faab65aa1fc6112a6154de47cf9e4fe465d0
GET /rsrc.php/v3ika84/yy/l/pt_BR/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 14 Mar 2024 18:43:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: VK8cCBJHZuF8J0Nj+If2sA==
x-fb-debug: FFYWUx1VD0K8ARyqwu4c6YZpXuBu4sWehnxDUPIc3TR3/eAlyCkid5E+0W5DIqsMM8w6KCtaFSo+KPWweo9KKw==
content-length: 9065
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yE/l/pt_BR/3Jf5mU8JWa0.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iM-F4/yE/l/pt_BR/3Jf5mU8JWa0.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (41973)
Hash 6b4f803ae9320a5080e91ea160d52fbb
9fc0229529d8301548ec4d26c6510b4cd200e76e
2c5784a96af538f570f7be9df47a1cd49704d583201722d8bf14db333ec60fe9
GET /rsrc.php/v3iM-F4/yE/l/pt_BR/3Jf5mU8JWa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 14 Mar 2024 14:58:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: a0+AOukyClCA6R6hYNUvuw==
x-fb-debug: Jr+qeWSoBg8hzqDNsTJdhu26VbI0TM/Z9x73exFeWUUoTFivCYgxfTn5f8EAH6pAfm/4wTM6pFKzsAygKDmcCw==
content-length: 22885
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/T7DAr9Vaj3m.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/T7DAr9Vaj3m.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4643)
Hash 77d84b30ec3843e5259f6a11543ccc13
ecdd4cdd4b335676c4384f4e02b74030ae3a2b60
82000e8e0a9d2a621f028b3adbb8b3b29099b5b3f4b5720e7b15a88ba3d605b9
GET /rsrc.php/v3/yR/r/T7DAr9Vaj3m.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Mar 2024 17:23:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: d9hLMOw4Q+Uln2oRVDzMEw==
x-fb-debug: BZ7yzE3rM0k2Vjlq9bSorccwW3AK9rEJEiJQBnbzTPxOd9OqmnQJUmsKm9vneeSQf7Iw5CK+dxu2412KA0RgBg==
content-length: 7395
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1491)
Hash 1bde0ac6621dfc6b3a6e6a5f9b4e3f45
4b50211745019eede9493f2503e7975e71854e2c
f8c8d80f77bb77658e81b5b457481a4a34aa09c7d2e1839fe5e8bb598794c5c8
GET /rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Mar 2024 20:46:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: G94KxmId/Gs6bmpfm04/RQ==
x-fb-debug: h5j1i8Zo6b0u3RavwkE0NorJSxEAzTeDPavH4xSwyLUWuhXn8f2pUHXndbb/ytn2QFsM1CCLe7+31igho3CPgQ==
content-length: 1248
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 9.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5531)
Hash ceb7a84fd8598da30c60c449d40133ce
4f461d97216d437c00438873a1e0f7b708a39363
69af754dcd499789c8c7803b27e5e83343c8d93ce359e91cf3c274f759730321
GET /rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 11 Mar 2024 14:49:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: zreoT9hZjaMMYMRJ1AEzzg==
x-fb-debug: P1EPgX9+tvBwaPpYZK/lrdkl+dASPK5gusafzQVhh8DM1J4e2+C6d/vllKw2ALqViWnTmutz9p/poIyb4f8xfQ==
content-length: 8978
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz
782 B URL static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz
IP :0
Hash 4cb0a14280e1518ce924569d0d94ecd4
b9a0878c671e0eb91d93cda7ab58e625d63e3b76
45663b2e683e50c831a09116470186da9c27eb92764aa3a0da8e925a94ca1d80
GET /rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
crissallesterapias.com.br/wp-content/uploads/fusion-styles/a5a3a7f6c2fb0d560e9556df9d985918.min.css?ver=3.0.2
82.180.135.215200 OK 0 B URL HTTP/2 crissallesterapias.com.br/wp-content/uploads/fusion-styles/a5a3a7f6c2fb0d560e9556df9d985918.min.css?ver=3.0.2
IP 82.180.135.215:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/fusion-styles/a5a3a7f6c2fb0d560e9556df9d985918.min.css?ver=3.0.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 15:01:29 GMT
etag: "104720-618e81c9-aceced78b6c45b0b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-admin/admin-ajax.php?action=easy-facebook-likebox-customizer-style&ver=6.3.3
82.180.135.215200 OK 0 B URL HTTP/2 crissallesterapias.com.br/wp-admin/admin-ajax.php?action=easy-facebook-likebox-customizer-style&ver=6.3.3
IP 82.180.135.215:0
GET /wp-admin/admin-ajax.php?action=easy-facebook-likebox-customizer-style&ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-type: text/css; charset: UTF-8;charset=UTF-8
x-litespeed-cache-control: no-cache
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:01:42 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/uploads/fusion-scripts/87abe166283d6c3b515928cb99837669.min.js?ver=3.0.2
82.180.135.215200 OK 0 B URL HTTP/2 crissallesterapias.com.br/wp-content/uploads/fusion-scripts/87abe166283d6c3b515928cb99837669.min.js?ver=3.0.2
IP 82.180.135.215:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/fusion-scripts/87abe166283d6c3b515928cb99837669.min.js?ver=3.0.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:01:41 GMT
content-type: application/x-javascript
last-modified: Sat, 13 Nov 2021 01:15:44 GMT
etag: "107993-618f11c0-fbfffaeae8bf2b08;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
82.180.135.215404 Not Found 0 B URL HTTP/2 crissallesterapias.com.br/sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg
IP 82.180.135.215:0
GET /sec01/auth.php?md=AzsYcyjmLQXBqDSrCTOg&AzsYcyjmLQXBqDSrCTOg HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://crissallesterapias.com.br/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f09_HTTP.404,f09_404,f09_URL.0812aa3dd509fe8ba0fe3dc5cc361575,f09_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:01:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e90836a53807%26domain%3Dcrissallesterapias.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcrissallesterapias.com.br%252Ff1eb78e01f8feb2%26relation%3Dparent.parent&container_width=360&height=415&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fcrissalless&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=350px
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e90836a53807%26domain%3Dcrissallesterapias.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcrissallesterapias.com.br%252Ff1eb78e01f8feb2%26relation%3Dparent.parent&container_width=360&height=415&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fcrissalless&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=350px
IP 31.13.72.36:0
GET /plugins/page.php?adapt_container_width=true&app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e90836a53807%26domain%3Dcrissallesterapias.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcrissallesterapias.com.br%252Ff1eb78e01f8feb2%26relation%3Dparent.parent&container_width=360&height=415&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fcrissalless&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=350px HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: GB5r+xI3dvBFxFMfyAVrGUeecybxdBOu+psUYLUZDaPl4uKwRAXtEGQVG4+oWgpu4Rr/sdlpyafN8u9uRBX2Cw==
date: Mon, 20 Mar 2023 22:01:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iL6L4/y_/l/pt_BR/c5k5wPU5WEN.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 0 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iL6L4/y_/l/pt_BR/c5k5wPU5WEN.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
GET /rsrc.php/v3iL6L4/y_/l/pt_BR/c5k5wPU5WEN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 05:23:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: KB+xM2cjqaShgAbOYamyFw==
x-fb-debug: Elty9yNZmkMAxXEuOwc2O3NyI9dRZEPTz+11FhDUvbWFRPc5xUtuH+g5AeojVcXM96NoUE2mAzNKUaWGq7p4PA==
content-length: 61600
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:01:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2