Report - imobiliarialuzdivina.com.br/

Report Overview

Submitted URL
imobiliarialuzdivina.com.br/
IP
104.21.4.191
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-30 13:29:12
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	872 B	815 kB	142.250.74.74
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	64 kB	216.58.207.227
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.125.72
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	70 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
emailpronto.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.0 kB	1.6 MB	217.79.250.131
imobiliarialuzdivina.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	176 kB	104.21.4.191
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	1.2 kB	216.58.207.228
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	165 kB	216.58.211.3
www.youtube.com	90	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	805 B	56 kB	142.250.74.46
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	171 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/64/GRANDE/364%231.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/36/GRANDE/336%23WHATSAPP-IMAGE-2020-07-09-AT-130853.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F02/22/GRANDE/22%23WHATSAPP-IMAGE-2022-08-10-AT-114640.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/61/GRANDE/361%231.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/41/GRANDE/341%231-AREA-EXTERNA.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F02/30/GRANDE/30%23WHATSAPP-IMAGE-2022-09-02-AT-151819.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/42/GRANDE/342%231-FACHADA.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/31/GRANDE/331%23FACHADA.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/58/GRANDE/358%231-FACHADA.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F02/32/GRANDE/32%23WHATSAPP-IMAGE-2022-09-21-AT-121023-1.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/48/GRANDE/348%231-FACHADA-SITE.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/100059/FOTOS/F00/74/GRANDE/374%231-FACHADA-FRENTE.JPG	Phishing
2022-11-30	medium	emailpronto.com.br/webservice/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	www.google.com/recaptcha/api.js?hl=pt-BR	853 B	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?hl=pt-BR IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:40:46 Last Seen2023-03-11 23:03:39 Times Seen1 Hash 16e343a4fb91870a3bb33d006a3a46ec b545fe925ba1815e9de5ad501dc721b00dcb1db8 b4cb0388cb9eed396395c70893407cf4c55578c5d0f8c4095555fa8d80d05176 Loading...

	imobiliarialuzdivina.com.br/assets/app.js?id=61e90b5d74a228bac611	232 kB	2023-03-11	2023-03-11
Pretty URL imobiliarialuzdivina.com.br/assets/app.js?id=61e90b5d74a228bac611 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:03:39 Last Seen2023-03-11 23:03:39 Times Seen1 Hash 61e90b5d74a228bac611217606ab60dd ad0149c86d76e833e919ac2602677fae89c42b6d 10bfa386bf6c30b5b8505dc6a391744e17fa37fe805a89629474e49ec6fb7247 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js	411 kB	2023-03-08	2023-03-11
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:55:22 Last Seen2023-03-11 23:44:51 Times Seen1 Hash ea0903ad7aa72ad6cdb5e9fbba756102 c6fe44783350b254260fd591991d0781f8cdd852 0985d39b1fe2651fa0d9d7181d82af2f6e523516c9edd5e1d1b97648885e1705 Loading...

	www.youtube.com/iframe_api	992 B	2023-03-11	2023-03-11
Pretty URL www.youtube.com/iframe_api IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:33:25 Last Seen2023-03-11 23:05:09 Times Seen1 Hash 898011788fb923963ce497c713c4d78d 8a132179517a4ec889f37b2cfcf3fc27d4251fc9 b80936791a33cfbab791e22b22181d5b168159a168979e716f359fcd400bd24d Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 13:17:02 Times Seen37091828 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (63)

URL IP Response Size

imobiliarialuzdivina.com.br/

104.21.4.191

301 Moved Permanently

0 B

URL HTTP/1.1
imobiliarialuzdivina.com.br/
IP
104.21.4.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: imobiliarialuzdivina.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 13:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 14:29:00 GMT
Location: https://imobiliarialuzdivina.com.br/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42v51cIpZbeeMnuHlbA0525yC%2F5z6pzEpCpbdyDv7YvsWbvGexl4RDUm1a0Bb2JZ8Ix0B8rAQczcJ4fx8azk41MrtO4kFxMGXmBrNjwt7r4H8pRNG7OQUWeH4EgBC1gfoZ6FF0RCr28G5ZTP89k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7723edf2aa72b524-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18012
Expires: Wed, 30 Nov 2022 18:29:12 GMT
Date: Wed, 30 Nov 2022 13:29:00 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6424
Cache-Control: max-age=168563
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:00 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:18:23 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5419
Expires: Wed, 30 Nov 2022 14:59:19 GMT
Date: Wed, 30 Nov 2022 13:29:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 13:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 559
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: HSiL06uxjYKxUVq2F2azUB0vg6igRkg3mSOLEKHs2ZtNN2DcISusGU+IWKENGvujg2gOJzIVdac=
x-amz-request-id: Q47MMNNY82SS25HF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 12:45:14 GMT
age: 2626
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 13:29:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b141eb228001be918acef3b8c15a034b
b22e13ac1ef9e837c5b55083ce0004fc9499fd5d
f788a2446ceca1ea4b16583f77b6b9755c1206c6caa2efefa20b52f9928e66dc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F788A2446CECA1EA4B16583F77B6B9755C1206C6CAA2EFEFA20B52F9928E66DC"
Last-Modified: Tue, 29 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Wed, 30 Nov 2022 19:28:26 GMT
Date: Wed, 30 Nov 2022 13:29:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 13:08:56 GMT
cache-control: public,max-age=3600
age: 1205
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6436
Cache-Control: max-age=163506
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:01 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:54:07 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
b141eb228001be918acef3b8c15a034b
b22e13ac1ef9e837c5b55083ce0004fc9499fd5d
f788a2446ceca1ea4b16583f77b6b9755c1206c6caa2efefa20b52f9928e66dc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F788A2446CECA1EA4B16583F77B6B9755C1206C6CAA2EFEFA20B52F9928E66DC"
Last-Modified: Tue, 29 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Wed, 30 Nov 2022 19:28:26 GMT
Date: Wed, 30 Nov 2022 13:29:01 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

104.17.25.14

200 OK

10 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (58749)
Size
10 kB (10391 bytes)
Hash
fd91519379203e4f5d95a93f2997019b
806d29dabc59c13f96d58a1b6b0412c227bbfedf
48fdb6e3181b07a35045c83b2ab1cd884bbadf0d6e7edade1259d56b7c79bacf

HTTP Headers

GET /ajax/libs/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imobiliarialuzdivina.com.br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 13:29:01 GMT
content-type: text/css; charset=utf-8
content-length: 10391
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f0f47d3-e637"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12858768
expires: Mon, 20 Nov 2023 13:29:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sa1HqYFrGekFM7QXX6y3qeRT4Q3tXB2gCL5HYNDoXgaPXBmwEvL3Bf9mWYFUoPI2lIVgUotqNiFIymyV5sueuxWSAECuCn4aW9khcCMf6uc43i4YIOsBbVyfZpfntlLsJrBXhIY2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7723edf9a809b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?hl=pt-BR

216.58.207.228

200 OK

554 B

URL HTTP/2
www.google.com/recaptcha/api.js?hl=pt-BR
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (853), with no line terminators
Size
554 B (554 bytes)
Hash
57869489496b811f455c009ffbcdb840
16082825c093353e7b0e9c66d251650d0af8a332
7432c89ddd77ab2b01738f12a9e3faea80800015c854140cfe1a0e43f99d0b2c

HTTP Headers

GET /recaptcha/api.js?hl=pt-BR HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Wed, 30 Nov 2022 13:29:01 GMT
date: Wed, 30 Nov 2022 13:29:01 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

142.250.74.74

200 OK

978 B

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
978 B (978 bytes)
Hash
3a36bb78da434a23fad01e64792bc872
7c19218bb8db246d3dbcd388073f57fb6acafdc7
c9cd603ce87da1194c63f0bc2e5bf2fc41c71eaa8eb9061f138fa0e50577c137

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 13:29:01 GMT
date: Wed, 30 Nov 2022 13:29:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.162.125.72

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.125.72:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D3EEjbe/9HX5Gex+HyMP0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SWAbo2Hsjjp4HzUCfTWCTLOvZwY=

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2

104.17.25.14

200 OK

77 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77400, version 331.17301\012- data
Size
77 kB (77400 bytes)
Hash
cac68c831145804808381a7032fdc7c2
62584b9868428fd75af3fc5ee2f9918dda428be5
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

HTTP Headers

GET /ajax/libs/font-awesome/5.14.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://imobiliarialuzdivina.com.br
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 13:29:01 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77400
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f0f47d3-12e58"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 56505
expires: Mon, 20 Nov 2023 13:29:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBFlK3BrBXtldgvykMiRc62kpfyMmawVQkwYGmh1ANm4IRSy4OF6S%2BYEre2KwCcydoxs6cHAf2giJD0Jaxo9UVhlGH32p0WiaXrs8YFnGEsQXo9lJPZ7gTh2LZK3giVYBFd5MdVU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7723edfb5aaab4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

80 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

HTTP Headers

GET /ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://imobiliarialuzdivina.com.br
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 13:29:01 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 80148
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f0f47d3-13914"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4819152
expires: Mon, 20 Nov 2023 13:29:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmD4b%2B2KbzMR4E0gw74yNMWCPTjd6b2eyvrTfe1mgiCro%2FgEyCUR1lHeehRDeoyaDWsh8K%2By%2F5ZTjv4a4mHLcFMVLmktYT94BCdBTsKK8aHbLWqi8bAeLWF7CUPs8ESSjcH72yvZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7723edfb5aa8b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://imobiliarialuzdivina.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:28:50 GMT
expires: Thu, 23 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 583212
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://imobiliarialuzdivina.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:28:50 GMT
expires: Thu, 23 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 583212
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://imobiliarialuzdivina.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 153381
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

emailpronto.com.br/webservice/100059/FOTOS/F00/64/GRANDE/364%231.JPG

217.79.250.131

200 OK

31 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/64/GRANDE/364%231.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 432x768, components 3\012- data
Size
31 kB (31323 bytes)
Hash
e9d61f5d3e8faf7f715a46ef750b7bff
e887b09df0c2f36f1b6d8b7baa4430bdce7743e6
6ca6a29b4ff891b8f3d90f1fe776b3898e811d064a421ea3f38b061fca63e1fa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/64/GRANDE/364%231.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Wed, 02 Sep 2020 18:18:42 GMT
Accept-Ranges: bytes
Content-Length: 31323
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F00/36/GRANDE/336%23WHATSAPP-IMAGE-2020-07-09-AT-130853.JPG

217.79.250.131

200 OK

51 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/36/GRANDE/336%23WHATSAPP-IMAGE-2020-07-09-AT-130853.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x768, components 3\012- data
Size
51 kB (51241 bytes)
Hash
c058725183c5e0ee46f139afc0ab6aca
df3e8c31d602b7cb7418f353d9665af268ac5653
ab071827aa601cc76e5c3f83683c9213b1f72ccfe81dca0aac8d4534d2cb28e6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/36/GRANDE/336%23WHATSAPP-IMAGE-2020-07-09-AT-130853.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Thu, 09 Jul 2020 20:58:11 GMT
Accept-Ranges: bytes
Content-Length: 51241
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F02/22/GRANDE/22%23WHATSAPP-IMAGE-2022-08-10-AT-114640.JPG

217.79.250.131

200 OK

69 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F02/22/GRANDE/22%23WHATSAPP-IMAGE-2022-08-10-AT-114640.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 575x768, components 3\012- data
Size
69 kB (69395 bytes)
Hash
cf58f74f290a976d2ccb85742ad51d7f
22ca505d81d2a101bc7e928baaeb38f8dede737c
942781abb6047ba84bceb733d48c1dfdea3dfa2988b3dd513fd02ce34e25a7e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F02/22/GRANDE/22%23WHATSAPP-IMAGE-2022-08-10-AT-114640.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 12:50:07 GMT
Accept-Ranges: bytes
Content-Length: 69395
Keep-Alive: timeout=5, max=199
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F00/61/GRANDE/361%231.JPG

217.79.250.131

200 OK

71 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/61/GRANDE/361%231.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, components 3\012- data
Size
71 kB (70989 bytes)
Hash
88d109b0f359f2e7b6ac7868168b7984
748ac624d6d1412043bbf2fbe5f4d3fdf42860aa
6909de27ff5381b263b4da9e4a1a792839de4cd1531962e7cf7263504a7ef4e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/61/GRANDE/361%231.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Thu, 27 Aug 2020 20:27:19 GMT
Accept-Ranges: bytes
Content-Length: 70989
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/102991/BANNER/saomiguel02.jpg

217.79.250.131

200 OK

711 kB

URL HTTP/1.1
emailpronto.com.br/webservice/102991/BANNER/saomiguel02.jpg
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1046, components 3\012- data
Size
711 kB (711102 bytes)
Hash
03c0f37111139d25cf07831e48900052
fcaea4ffacbb758f255e47179a22da0bc8a5b749
603cc1bb3f7dac182fd161da9c0681f853c878a35413eda3421ef0538b81f1bf

HTTP Headers

GET /webservice/102991/BANNER/saomiguel02.jpg HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Tue, 27 Apr 2021 17:00:49 GMT
Accept-Ranges: bytes
Content-Length: 711102
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap

142.250.74.74

200 OK

813 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
813 kB (812587 bytes)
Hash
427c9e57366d03fee2f91734bfda684b
70864a72656d43c75aa9165b1568ca3bfc0d6156
0fcb7baebe3d2acd6dd711f3e29b9c657aee82f8e26354aebdd9cd5c6ca9ea48

HTTP Headers

GET /css2?family=Open+Sans:wght@400;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 13:29:01 GMT
date: Wed, 30 Nov 2022 13:29:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

emailpronto.com.br/webservice

217.79.250.131

301 Moved Permanently

246 B

URL HTTP/1.1
emailpronto.com.br/webservice
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
246 B (246 bytes)
Hash
e8b07bad465fb79018cc5264831fcd1c
ef78826cbdfb8eb549841d9502a0b741871e7f3e
c6405eaf75f1af66da5a6b4176eff316b65388b36cc4f7cf035a50f9cfd6ae32

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Location: https://emailpronto.com.br/webservice/
Content-Length: 246
Keep-Alive: timeout=5, max=198
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

emailpronto.com.br/webservice/100059/FOTOS/F00/41/GRANDE/341%231-AREA-EXTERNA.JPG

217.79.250.131

200 OK

144 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/41/GRANDE/341%231-AREA-EXTERNA.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1024x683, components 3\012- data
Size
144 kB (144483 bytes)
Hash
89f9cc32e74d7bb497631375f46282cd
47eaa7f15909e5363a8bab87d135e27ebc94bb45
148f5f8dedc861f57cdcb2f88eccfe08143f1cf5e0ed4d80f20a52c38ec1125d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/41/GRANDE/341%231-AREA-EXTERNA.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Thu, 16 Jul 2020 14:35:12 GMT
Accept-Ranges: bytes
Content-Length: 144483
Keep-Alive: timeout=5, max=199
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F02/30/GRANDE/30%23WHATSAPP-IMAGE-2022-09-02-AT-151819.JPG

217.79.250.131

200 OK

53 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F02/30/GRANDE/30%23WHATSAPP-IMAGE-2022-09-02-AT-151819.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 389x768, components 3\012- data
Size
53 kB (53075 bytes)
Hash
781a07915ca72050726148848e668837
f35a71ef51b51473873d53c8224d4adce6d25368
29418febe3580338665f860c85576d3cf0601aca636e586b7b573e5708ffb948

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F02/30/GRANDE/30%23WHATSAPP-IMAGE-2022-09-02-AT-151819.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 13:53:36 GMT
Accept-Ranges: bytes
Content-Length: 53075
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/LOGO/logo-rodape.png

217.79.250.131

200 OK

74 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/LOGO/logo-rodape.png
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
PNG image data, 400 x 179, 8-bit/color RGBA, non-interlaced\012- data
Size
74 kB (74395 bytes)
Hash
4aa595e8abb10a2bb3a70f6e780e42ee
212436798ddbe153ab0d8076f8003498bee317cb
19447268f769d3148653dadf5a4482dd74c0ec90b198f9603690dc6ee5b0baa6

HTTP Headers

GET /webservice/100059/LOGO/logo-rodape.png HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2022 21:19:06 GMT
Accept-Ranges: bytes
Content-Length: 74395
Keep-Alive: timeout=5, max=197
Connection: Keep-Alive
Content-Type: image/png

imobiliarialuzdivina.com.br/

104.21.4.191

200 OK

172 kB

URL HTTP/2
imobiliarialuzdivina.com.br/
IP
104.21.4.191:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (62293)
Size
172 kB (172317 bytes)
Hash
1cec4074abeb08cd7c89ed9ef1583ead
a50f8bc665d1f8989541bc0c33917698ef136c0f
a3c4a6675e2238f053a48993db574743a02c30ace22efd8e84e3f0b798838dc2

HTTP Headers

GET / HTTP/1.1
Host: imobiliarialuzdivina.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 30 Nov 2022 13:29:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.3
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IjVtcWVXaUY1RERNbEEwUmF5R2k2anc9PSIsInZhbHVlIjoiazFKM1g1TS9wTi9WWFFickRwVmwzeDBKVm1LbUVWMXhhNWFXWWhabE8rVExHMW1vLzE0M0QxWkJWSHdZWGRnSG9qWGgyR05WeTI3UHNEZFlENjJiL0VCZm1wS05qa1JqRjh2aW5TWlZwR0phSENYeDJSSVBNRmVBVW5RTkJYTlIiLCJtYWMiOiI2NDc0Mzk1NGY1OWY5M2U5MGFhZjUxNmE4ZjJkOTRjZjQ3YmU2ZmQ2YzMyMjU2OTJkNzBmMDEzYWJmOWZhNjkyIn0%3D; expires=Wed, 30-Nov-2022 15:29:01 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IlZhSXkwOUpocWY2WjVQZXFVRExVK0E9PSIsInZhbHVlIjoidUMrZVlLcWhtV0pWUTYvSjBUQnU5T0k3bnJ4ckpRaW9Lc1JRTVNESWxCN1QyUHdIQTBwWHZVNWFJYmIyUjk3THVPNkp5dVk1UnpzeHAydGFkUmE2MCtIcHF1aEFkT0lmdHZTaDdzNS95SzcxSXJRTzBPdmMxVURqMmNnSVJxNTAiLCJtYWMiOiJiY2M0OTg4ZTMxYjEwMzljN2E0OGM2MDVjNDQ5YjMzYzY1MDNlNTJhMTMyNjc3ZDI4ZmVhMGMyZDhiNGY0ZTY2In0%3D; expires=Wed, 30-Nov-2022 15:29:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
serverhostname: 1cae89f9c614
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2R85WkO3kg2qgZbVKRNstQHlCgDQBwYm6sEM%2FIxnYWcMsyrFlFkHrZGkJkbZ8dxOxeZvq2fTO6KgE0YLUjdssRlpiaaqiFv0SE%2FNSn%2Bbr%2FZr9Fletm1wqNsrgFJgKz%2F%2B7Or8hxS4%2B%2BifLhcCVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7723edf5985a0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5377
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:29:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5377
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:29:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5377
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:29:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5377
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:29:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5377
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 13:29:02 GMT
Connection: keep-alive

emailpronto.com.br/webservice/100059/FOTOS/F00/42/GRANDE/342%231-FACHADA.JPG

217.79.250.131

200 OK

65 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/42/GRANDE/342%231-FACHADA.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 798x768, components 3\012- data
Size
65 kB (64747 bytes)
Hash
c2e95f595e32607744617fa9ae5684f0
1c7ac909ceac837f4b3540f8507eac30115d633d
54ed05b9e7fd1523ebf60211e4842d6f486eb521ef592069dc31cb6fb36a83b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/42/GRANDE/342%231-FACHADA.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Thu, 16 Jul 2020 20:05:06 GMT
Accept-Ranges: bytes
Content-Length: 64747
Keep-Alive: timeout=5, max=198
Connection: Keep-Alive
Content-Type: image/jpeg

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5785 bytes)
Hash
59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 55263
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7298 bytes)
Hash
e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 55931
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9330 bytes)
Hash
bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 55050
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 56656
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7LVxajVjJ1N2W-jxCmKpYHg1rS1MbrRnAVc15QmM0iH94CH1yJnR0w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:53:01 GMT
age: 30961
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10958 bytes)
Hash
777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 56758
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

emailpronto.com.br/webservice/100059/FOTOS/F00/31/GRANDE/331%23FACHADA.JPG

217.79.250.131

200 OK

49 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/31/GRANDE/331%23FACHADA.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 432x768, components 3\012- data
Size
49 kB (49344 bytes)
Hash
492e50c228f30083548bce2c597ed98b
4064fd8317e1b8db6435329c984852f7cd14a7cd
7d4c0ad9d8751d7ebba0bcc8cb86af7fd2903009b8b95ca460b8d48b3f6cf4a6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/31/GRANDE/331%23FACHADA.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Thu, 01 Sep 2022 18:51:06 GMT
Accept-Ranges: bytes
Content-Length: 49344
Keep-Alive: timeout=5, max=199
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F00/58/GRANDE/358%231-FACHADA.JPG

217.79.250.131

200 OK

56 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/58/GRANDE/358%231-FACHADA.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 512x768, components 3\012- data
Size
56 kB (55640 bytes)
Hash
cfc703a5c307f343b457e07eda6952bf
af824d4538189c16a96abfb26fe29444e52dca70
3a5f0367423d905008f7a43f44e58938a72683a2b678d9325678cfb677a91ec1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/58/GRANDE/358%231-FACHADA.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Fri, 31 Jul 2020 19:03:43 GMT
Accept-Ranges: bytes
Content-Length: 55640
Keep-Alive: timeout=5, max=196
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F02/32/GRANDE/32%23WHATSAPP-IMAGE-2022-09-21-AT-121023-1.JPG

217.79.250.131

200 OK

76 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F02/32/GRANDE/32%23WHATSAPP-IMAGE-2022-09-21-AT-121023-1.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x768, components 3\012- data
Size
76 kB (75692 bytes)
Hash
9ea209c4e27c11a41a1b1991d86ae5e7
190e66fe170c7782545a92a459d532230620b8af
5421077b8528500a641ab9d422be42dded4588df81c0ca7ea6d3a12e64f73804

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F02/32/GRANDE/32%23WHATSAPP-IMAGE-2022-09-21-AT-121023-1.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 13:53:53 GMT
Accept-Ranges: bytes
Content-Length: 75692
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F00/48/GRANDE/348%231-FACHADA-SITE.JPG

217.79.250.131

200 OK

44 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/48/GRANDE/348%231-FACHADA-SITE.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x768, components 3\012- data
Size
44 kB (44410 bytes)
Hash
18c7b2c0a70f73f34b5b472243376e66
1ebe3d6a7fa31b6961fd614a0a1ca7d131b8ced1
2e6b52cf4d9d3ef584804674071c1ffd8c649fa49631fbfd39384c598cb548cd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/48/GRANDE/348%231-FACHADA-SITE.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Sat, 18 Jul 2020 14:20:33 GMT
Accept-Ranges: bytes
Content-Length: 44410
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/100059/FOTOS/F00/74/GRANDE/374%231-FACHADA-FRENTE.JPG

217.79.250.131

200 OK

62 kB

URL HTTP/1.1
emailpronto.com.br/webservice/100059/FOTOS/F00/74/GRANDE/374%231-FACHADA-FRENTE.JPG
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 576x768, components 3\012- data
Size
62 kB (62057 bytes)
Hash
a42f0b609afc4a430f7cc49359f697c8
426900863910e0d3a3e373d2973f2a119dbf28fd
a1eb6e6cc657f10c85962776fd08fb59dd54314059a96811696ba822fe657ab0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/100059/FOTOS/F00/74/GRANDE/374%231-FACHADA-FRENTE.JPG HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Last-Modified: Mon, 15 Aug 2022 20:52:06 GMT
Accept-Ranges: bytes
Content-Length: 62057
Keep-Alive: timeout=5, max=197
Connection: Keep-Alive
Content-Type: image/jpeg

emailpronto.com.br/webservice/

217.79.250.131

404 Not Found

20 B

URL HTTP/1.1
emailpronto.com.br/webservice/
IP
217.79.250.131:0
ASN
#29802 HVC-AS

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webservice/ HTTP/1.1
Host: emailpronto.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imobiliarialuzdivina.com.br/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 13:29:02 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=198
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 13:29:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js

216.58.211.3

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (758)
Size
164 kB (164105 bytes)
Hash
013b30a55c771d30b066c5aa5a1c0795
5d38ec31c4eb78282a42877dd43ab81cc07dea36
1efa6b26498afba638773a841a5c72c5ccabdf6d6358d4b0c9a61c0067c48739

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imobiliarialuzdivina.com.br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164105
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 01:29:06 GMT
expires: Wed, 29 Nov 2023 01:29:06 GMT
cache-control: public, max-age=31536000
age: 129597
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.youtube.com/s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js

142.250.74.46

200 OK

54 kB

URL HTTP/2
www.youtube.com/s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (817)
Size
54 kB (54004 bytes)
Hash
039718b40de8675ac384c9e2bee94c37
61f7a0eed9d7c5e7bfd5bdb74c242a95ec335adb
a0485e1a1f351dcb03208cc5f5fe21779b433d5522cb4b2dd907ab41df336406

HTTP Headers

GET /s/player/e87a69df/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 54004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 12:42:38 GMT
expires: Thu, 30 Nov 2023 12:42:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 01:19:33 GMT
content-type: text/javascript
age: 2785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9051 bytes)
Hash
05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 56662
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

imobiliarialuzdivina.com.br/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2

104.21.4.191

404 Not Found

0 B

URL HTTP/2
imobiliarialuzdivina.com.br/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2
IP
104.21.4.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2 HTTP/1.1
Host: imobiliarialuzdivina.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Cookie: XSRF-TOKEN=eyJpdiI6IjVtcWVXaUY1RERNbEEwUmF5R2k2anc9PSIsInZhbHVlIjoiazFKM1g1TS9wTi9WWFFickRwVmwzeDBKVm1LbUVWMXhhNWFXWWhabE8rVExHMW1vLzE0M0QxWkJWSHdZWGRnSG9qWGgyR05WeTI3UHNEZFlENjJiL0VCZm1wS05qa1JqRjh2aW5TWlZwR0phSENYeDJSSVBNRmVBVW5RTkJYTlIiLCJtYWMiOiI2NDc0Mzk1NGY1OWY5M2U5MGFhZjUxNmE4ZjJkOTRjZjQ3YmU2ZmQ2YzMyMjU2OTJkNzBmMDEzYWJmOWZhNjkyIn0%3D; laravel_session=eyJpdiI6IlZhSXkwOUpocWY2WjVQZXFVRExVK0E9PSIsInZhbHVlIjoidUMrZVlLcWhtV0pWUTYvSjBUQnU5T0k3bnJ4ckpRaW9Lc1JRTVNESWxCN1QyUHdIQTBwWHZVNWFJYmIyUjk3THVPNkp5dVk1UnpzeHAydGFkUmE2MCtIcHF1aEFkT0lmdHZTaDdzNS95SzcxSXJRTzBPdmMxVURqMmNnSVJxNTAiLCJtYWMiOiJiY2M0OTg4ZTMxYjEwMzljN2E0OGM2MDVjNDQ5YjMzYzY1MDNlNTJhMTMyNjc3ZDI4ZmVhMGMyZDhiNGY0ZTY2In0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 30 Nov 2022 13:29:01 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbKk89PRUGh4rGCQB%2FiJ0fz4PQGRLDg1opR67hsN85UgFPZJUjWTNgL7yRFBN00w5KxmM2z4zjvhFCec6F9%2FFQ96JCRkO5uQQuhmjWcx%2BvK8KGu1OgeisuTyNGpUcjMPuqyEPWfF4yCANWoB5T0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7723edf97b960afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

imobiliarialuzdivina.com.br/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?cac68c831145804808381a7032fdc7c2

104.21.4.191

404 Not Found

0 B

URL HTTP/2
imobiliarialuzdivina.com.br/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?cac68c831145804808381a7032fdc7c2
IP
104.21.4.191:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?cac68c831145804808381a7032fdc7c2 HTTP/1.1
Host: imobiliarialuzdivina.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Cookie: XSRF-TOKEN=eyJpdiI6IjVtcWVXaUY1RERNbEEwUmF5R2k2anc9PSIsInZhbHVlIjoiazFKM1g1TS9wTi9WWFFickRwVmwzeDBKVm1LbUVWMXhhNWFXWWhabE8rVExHMW1vLzE0M0QxWkJWSHdZWGRnSG9qWGgyR05WeTI3UHNEZFlENjJiL0VCZm1wS05qa1JqRjh2aW5TWlZwR0phSENYeDJSSVBNRmVBVW5RTkJYTlIiLCJtYWMiOiI2NDc0Mzk1NGY1OWY5M2U5MGFhZjUxNmE4ZjJkOTRjZjQ3YmU2ZmQ2YzMyMjU2OTJkNzBmMDEzYWJmOWZhNjkyIn0%3D; laravel_session=eyJpdiI6IlZhSXkwOUpocWY2WjVQZXFVRExVK0E9PSIsInZhbHVlIjoidUMrZVlLcWhtV0pWUTYvSjBUQnU5T0k3bnJ4ckpRaW9Lc1JRTVNESWxCN1QyUHdIQTBwWHZVNWFJYmIyUjk3THVPNkp5dVk1UnpzeHAydGFkUmE2MCtIcHF1aEFkT0lmdHZTaDdzNS95SzcxSXJRTzBPdmMxVURqMmNnSVJxNTAiLCJtYWMiOiJiY2M0OTg4ZTMxYjEwMzljN2E0OGM2MDVjNDQ5YjMzYzY1MDNlNTJhMTMyNjc3ZDI4ZmVhMGMyZDhiNGY0ZTY2In0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 30 Nov 2022 13:29:01 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HEMlHFGhSie%2F8C4ZQp5vuAffk0P9PMTbtSSSbmo%2Buvc3HWI0tmsQf1UvSwcfVCMSi%2B9VQKZoVkXCqzjIPZ6YhHyOBLbfaLWIZlqIdeDwLwQS51kl9g%2Fv4MrXoQYGII1KlWH9wYoXazKgN0SiG4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7723edf97b980afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.youtube.com/iframe_api

142.250.74.46

200 OK

0 B

URL HTTP/2
www.youtube.com/iframe_api
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imobiliarialuzdivina.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Wed, 30 Nov 2022 13:29:03 GMT
date: Wed, 30 Nov 2022 13:29:03 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=uAoM6112rg0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=vEqMTcAhGOA; Domain=.youtube.com; Expires=Mon, 29-May-2023 13:29:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+524; expires=Fri, 29-Nov-2024 13:29:03 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (63)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1