firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 16:14:31 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y0I6DSIa29mhFood11_TNzuJJrVjchljPKnYa74p1I_MeUjYwvLUVg==
Age: 2301
acess-facil-factura-magzine12.blogspot.com/
301 Moved Permanently 192 B URL HTTP/1.1 acess-facil-factura-magzine12.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1520ac0f9cb804adab87dcf35d51978b
88f1094f5a5eaa4072918d2b7802711e301b18cd
966a5f385a63a06d3b2fe11393b56ebe9b32fbd0cbcf80dfb2fdb0c2b0b60379
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: acess-facil-factura-magzine12.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://acess-facil-factura-magzine12.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 16:52:52 GMT
Expires: Sat, 24 Sep 2022 16:52:52 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 192
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4990
Expires: Sat, 24 Sep 2022 18:16:02 GMT
Date: Sat, 24 Sep 2022 16:52:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5992
Expires: Sat, 24 Sep 2022 18:32:44 GMT
Date: Sat, 24 Sep 2022 16:52:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MjqNxxQrKWduNcnxdAQ0iM/Mx/cAwEziTzgDg/RTbjY8jyFS3afNYzF9GuB15HnEl95WuLvNBF0=
x-amz-request-id: 5ZTEHZNT5KK6X6HB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Sep 2022 16:47:38 GMT
age: 314
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 16:52:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 24 Sep 2022 16:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 24 Sep 2022 16:52:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PbqMG7JODGAT7UnMiDix-80byRVwJWGuuLbDdPi5WYl5mv_40VnZog==
Age: 2915
ocsp.digicert.com/
200 OK 471 B IP
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:52 GMT
Last-Modified: Sat, 24 Sep 2022 16:28:02 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
acess-facil-factura-magzine12.blogspot.com/
200 OK 16 kB URL HTTP/2 acess-facil-factura-magzine12.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5019)
Hash 3f07595bcbf9bff76bca9f5ed0a56919
fa30929aa0a6ffcec5d43475ddeddddb857654f1
0a2962c5c8901af1f8f30e57ef5e3e1ae42ed620238a13f3967ca98f68b69650
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: acess-facil-factura-magzine12.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 16:52:53 GMT
date: Sat, 24 Sep 2022 16:52:53 GMT
cache-control: private, max-age=0
last-modified: Thu, 22 Sep 2022 19:50:14 GMT
etag: W/"69925e6adf0caa145c6ecb37db60ed5de57426451da118e7efc59fe17c73dcb9"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 16485
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4xLQbgB8XFNw0CJUNyJIjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d/4bb5s2YQdbsIFbuXb+Vn1/WBE=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://acess-facil-factura-magzine12.blogspot.com
Connection: keep-alive
Referer: https://acess-facil-factura-magzine12.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 249525
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 64b39684d4c80b63458f11ed8b8c5d17
6abc0bd0c0318d9e7a362eb3949bfe81a48c6343
c307464d222c4a9e1206586f0ebd7155de49baa84bbce8c8d0d4ce5e122cb076
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://acess-facil-factura-magzine12.blogspot.com
Connection: keep-alive
Referer: https://acess-facil-factura-magzine12.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 249525
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/YJSDDYD0u34
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YJSDDYD0u34
IP
Hash d53e53e7210db49de3889cba0554dabb
6364ccd11f07dfb2b48245c89dca29a36c0b10db
f12babb97792ce874460efe31252321728c988b41655d16f241528602bc62b72
POST /s/gts1p5/YJSDDYD0u34 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
200 OK 228 kB URL HTTP/2 themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=Sunset afterglow and twlight dunes in White Sands National Monument, software=Picasa], baseline, precision 8, 1600x1067, components 3\012- data
Size 228 kB (228521 bytes)
Hash e66ef1f4c654be20558150214aa2b85a
ad1dfbefad9a21e48aeeac1bae9f8a5b8ea1ef3c
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
GET /image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acess-facil-factura-magzine12.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 25 Sep 2022 16:52:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 16:52:53 GMT
server: fife
content-length: 228521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash aa58ca16387e8f05dd9fbf268dd7a748
024b9be8676598e2eba669d56f152983f67eecb2
2cab1c2148538cff208d26e26bd8b761adc3591c3ed1dc7549836a1dc624c740
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:53 GMT
Last-Modified: Sat, 24 Sep 2022 15:08:18 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/YJSDDYD0u34
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/YJSDDYD0u34
IP
Hash d53e53e7210db49de3889cba0554dabb
6364ccd11f07dfb2b48245c89dca29a36c0b10db
f12babb97792ce874460efe31252321728c988b41655d16f241528602bc62b72
POST /s/gts1p5/YJSDDYD0u34 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 16:52:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2
200 OK 20 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19856, version 1.0\012- data
Hash c2237a47b207b79d49dacbc6767f094b
e9e4bc7effa06252f6ccf3c8aae0910ec7a5d2c0
eb3d38629627f709b3ce3cc9d8e853a71d45d3f776a1c5ae28251bbdfaeee44e
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_lt-webfont.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 19856
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "4d90-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3tWAAb%2FnuNB%2FgoiN19A6b2%2BINsFZ7MvC%2FKjEiJTZJF6YlbyWVLoXmgxqB7LqVNMM3K8j7MH14zmlTtcWE3PimWIViF3SwnOCQY4rcJESd85O6soVRfFjxtlJZNNthRIqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88e5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
200 OK 20 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20492, version 1.0\012- data
Hash 943eded538dde6a0dfafee5453aa6dcf
ce3c14529df937462fc9e6f7b3a853785b05a6f0
6941f9570d5085cfa2ddba639611d4a5ab3e9aded5e3eb2139dc23e613b20067
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_bd-webfont.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 20492
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "500c-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCMLKE5uR%2BNCpdwTsW7uWXsQ7CFgybwWQGwfVhXSNzwj2pVn1bExZrq8Yd1wgFpgYQEztT%2BBWYSrRERXen4eE%2BbHbBJJiVWFky%2Fg4qUrCzGDsWaY1p0twKZ9BrF2Wqi3ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88e8b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
200 OK 20 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20244, version 1.0\012- data
Hash 195620c524ec7c323db8fa3ceccb9cd2
9bc9e6e59f737f89acae0fd7ab5e323dfed48579
dcd743060b3c09ccf5003db3bb4b85fbe7a71d176638dabbf089669ef3f787c4
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_xbd-webfont.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 20244
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "4f14-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b4wW1bAUJ1kdy3hSl5G9CtDypC8ynxqE1y5m0Za6lZRezi0k8wsiMsZKgZJVtooV8kkmhm4sce%2BzbJiq9O6eMmJcQl6qiS6NSATN5ig%2F5dtqmdQZ785MhhiQ8zeHcdoXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88e6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2
200 OK 18 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18140, version 1.0\012- data
Hash 6c8fe1156552769b5e65e3fc1eb81395
0339dcf247cb98781cb26174bf7810e15a394310
25a5d759897134cb9caa4b9f0f58ebb3f34e5759af0b8c712959665df0754e7e
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Bd.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 18140
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "46dc-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6ZOmtS9ftscQEKXICHEju0injcbv%2BVfAx1fXRGQhaBa92aVGPiBxKuv7Z1CzYXqqAW4cZEx48umxnu8mlFOBhsiP3WMGbvVM%2FpBlZbPxlDahThxVfdrZx1GXgFcE311ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88e0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
200 OK 18 kB URL HTTP/2 factmquint.com/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17892, version 1.0\012- data
Hash 4c9045c151fd584835340bef1292fa48
7b550140ce90c15ae16efb7913717746b2bf8a06
661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/sharedcomponents/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 17892
last-modified: Sat, 13 Nov 2021 06:56:58 GMT
etag: "45e4-5d0a614f06280"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EBNAVJlH1G%2BKrSwkOs2FiJQgQFTeTu0N8blOPnQZZg4F5%2BhblnEE4Z2HQ%2BW90xkM2Wi6Sc76IDgRkhTja7kMB3Xt29KGtbP%2FnBH1MZbdUHMAvapkWgAds%2BDGW3RD798bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88e4b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2
200 OK 18 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data
Hash f755825cfc33424de53229ed51a48547
7d55a33fb68b5743cf7a5adfe7b424752e1cc52f
f898f65ddbfb8e0b9ecf86132b0fa3ed23b5cfa87d599e7b5364c5b3ef7e5c1c
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Lt.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 17508
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "4464-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDdiIk%2Bo%2BgMa%2FQN1XQDO0DMyQyGcubb5vTT9UqvrSKmXqwTohiPl%2F53Plkl1en4G%2FwDUV%2By%2B3y2qUum0J3O%2FVvAFkh1fakjxBTE2mFIzRRNmbHugtDTGXD4BEXe19%2BniAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88eab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2
200 OK 20 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20336, version 1.0\012- data
Hash 63b41291ead223dee31d35f314b7968d
a261ce8cf48c373966e114365d6132121ca08876
44ea8da2d545e55cf9ecaf0d4f7936cf83ba9476dcbb833b3e8152f6d3f171ad
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauDisplay/itaudisplay_rg-webfont.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 20336
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "4f70-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Uph9aoN2er6XcR7RO%2BAT2984qowu9j1lGl6JJg%2FOL2lbTE0%2B%2Bxr42rGDKYbP19tQEsoBm7pjtKAy1qDI4Vw4%2FIA5dgGvMwj7nGRMYJCOx0SdoM6qn1Pk9Aq4HzSe7RM1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88e1b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
200 OK 18 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17892, version 1.0\012- data
Hash 4c9045c151fd584835340bef1292fa48
7b550140ce90c15ae16efb7913717746b2bf8a06
661a87469e3a98ce456dd15c5ce402278f25db98b5885d823651284f4fd4de91
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/ItauText/ItauText_Rg.woff2 HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff2
content-length: 17892
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "45e4-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZSDSleR7dXrAH4Og%2B%2FKDFmRZK6F6wsn9EHXy6gF%2FVlfazkudDdZpReGOxKTv7Rp%2BkjXc1V7ZXESn%2FsVlwdUzu62Y5AnXijvcRMudKHJOs47LUk7iMqFFUN21goP1LsA1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88dfb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.itau.com.br/content/dam/itau/cartoes/magalu/magalu-logo.png
200 OK 5.3 kB URL HTTP/2 www.itau.com.br/content/dam/itau/cartoes/magalu/magalu-logo.png
IP
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7fbc42a4b63120dc1521c416c152f994
be360cff67eb29ef6fe12445623d47eb0cc104c5
91059ccdd65c1496d764f84ece42376760652ea7c734fe0c0dd0b086c91ce6ef
GET /content/dam/itau/cartoes/magalu/magalu-logo.png HTTP/1.1
Host: www.itau.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3be9-5c23d8df52480"
last-modified: Wed, 27 Oct 2021 16:10:17 GMT
server: Akamai Image Manager
x-serial: 215
x-check-cacheable: YES
content-length: 5316
content-type: image/webp
cache-control: private, no-transform, max-age=838955
expires: Tue, 04 Oct 2022 09:55:29 GMT
date: Sat, 24 Sep 2022 16:52:54 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=431
access-control-allow-methods: GET, POST, GET, POST
access-control-allow-origin: internet.itau.com.br, internet.itau.com.br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 16:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 16:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13357
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 16:52:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:27 GMT
age: 68667
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 05:14:28 GMT
age: 41906
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:23 GMT
age: 68071
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pVtBCTCGh0DCF_1Vf9qMWttoDUQO_xSCkpdis9Gu3o4_cVEqaHngVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:30 GMT
age: 68664
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 68498
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:26 GMT
age: 68668
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/itaufonts_master_24px_v44.woff
200 OK 139 kB URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/itaufonts_master_24px_v44.woff
IP
File type Web Open Font Format, TrueType, length 139296, version 1.0\012- data
Size 139 kB (139296 bytes)
Hash d9a9d074200e6425c65c57cf3fbc3420
5506f29e197e139759be1528d09242026e27ff10
0627930b6d4838fba88a1b6a456ddcec05200a7a0596dc2ac57e2b9180736e83
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base/resources/fonts/itaufonts_master_24px_v44/itaufonts_master_24px_v44.woff HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: font/woff
content-length: 139296
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: "22020-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rwipe37Zzn7VuM2vkotAckqy%2BzH63J9yUq%2BHA5ieachbpBc8RvUpebLm%2Bi5X5Ggu77VRnHtoQHwzUuaTLoRHWaAQ14wmd9I2bzoGGEXjtV2dGYSEqXts2aMyLaVWpc0ecA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88ebb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.9a4356cb47e7c63947459a99a47af102.js
200 OK 0 B URL HTTP/2 factmquint.com/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.9a4356cb47e7c63947459a99a47af102.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.9a4356cb47e7c63947459a99a47af102.js HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: application/javascript
last-modified: Sat, 13 Nov 2021 06:56:58 GMT
etag: W/"b7030-5d0a614f06280"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYoiUL3Vr5fLIft7KanEhBXJ7ZwY4pYUrojZD3XhjjdVUnhQa%2FaRIc8SzXqxqM2WkIvkS9VVcfyuNnLQA61gorZ%2FLX%2BPKScj9litBfZZmQp6DDrcea7oLctVqbbu60I0iA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087d095ab4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
200 OK 0 B URL HTTP/2 factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
IP
Analyzer Verdict Alert fortinet Phishing
GET /?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acess-facil-factura-magzine12.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:53 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.6
set-cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMhC%2BVPBcF7GAopee0dWSddy8tyGHiKRzF17UkX78%2BWfR%2FEclBKwwB%2FejsZtiFiCqJ3Kb8Ry8TUNtik24%2BQVLLsb%2FIAaqFuekKt17DJ%2FIppVETLN8Q8msnlT7Ks5r7wVkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fd087abf00b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.2d598e5d51a32ffac757870976e94d21.js
200 OK 0 B URL HTTP/2 factmquint.com/etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.2d598e5d51a32ffac757870976e94d21.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.2d598e5d51a32ffac757870976e94d21.js HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: application/javascript
last-modified: Sat, 13 Nov 2021 06:56:58 GMT
etag: W/"1de-5d0a614f06280"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLShQds58cu9kqfNYZDyiidr%2FdVPcu38A%2BxQNk0Yez2TtlteDkNoI7c%2Bimfm6lp2q3ROQkKEoTx7M40eG6%2B5RNMozC3X3ExvYJhXtj4%2Ffekmry6Lv7ZEn1I7VVdHPIukuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88edb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.11c95aa513d1bfa558ffd098de124b06.css
200 OK 0 B URL HTTP/2 factmquint.com/etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.11c95aa513d1bfa558ffd098de124b06.css
IP
GET /etc.clientlibs/sharedcomponents/components/fragments/modal-generic-error/v1/modal-generic-error/clientlib.min.11c95aa513d1bfa558ffd098de124b06.css HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: text/css
last-modified: Sat, 13 Nov 2021 06:56:58 GMT
etag: W/"899-5d0a614f06280"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqSLCPrkh%2FdUMXBR0YEP1MDu%2FsrG9fLfhsbovbsgO2jxmZIvAvQdp12Y20ydKLr6tUHJbDtWisO6NXopuDzOU5XUZzhSPBxc7jCvRz7BqZDfpw%2FhjDNLSO00dNUlpbSQOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88ecb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
200 OK 0 B URL HTTP/2 factmquint.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: application/javascript
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: W/"e22-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnX45haZcmrZZut2e%2FaR3SQhiZbmGb7KS0ctYruuuRvi0tbEAsCIXuGjncpqCGV18ZfnADHlIkfJDed83wwq8eewK%2BT4HmD7d1ZXP%2FeEULQ5b7JpO5vtIgUF5NgSqR7YVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087d095bb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base.min.2b40b1b39f98cea329b75ac4733abdbf.css
200 OK 0 B URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base.min.2b40b1b39f98cea329b75ac4733abdbf.css
IP
GET /etc.clientlibs/itau/clientlibs/clientlib-base.min.2b40b1b39f98cea329b75ac4733abdbf.css HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: text/css
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: W/"14ecb8-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h2RooJcD%2FPZ%2B2XfPVnw6LI50K3wKRV6nzMFoeo3AMgIL7OQxwPZy77%2F%2FOXxhpsLSlCJYqsM10u8rYb2weice8pKCYVmbnlm412kqUDe8cEConqfP0XbYhv%2Bdj48LSWcNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88ddb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.51b8a224aa8c5e5101bb0ec667ba1e77.css
200 OK 0 B URL HTTP/2 factmquint.com/etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.51b8a224aa8c5e5101bb0ec667ba1e77.css
IP
GET /etc.clientlibs/sharedcomponents/clientlibs/clientlib-base.min.51b8a224aa8c5e5101bb0ec667ba1e77.css HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: text/css
last-modified: Sat, 13 Nov 2021 06:56:56 GMT
etag: W/"9c51e-5d0a614d1de00"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXWdorSCa%2FGnc35Bo%2F0PrvzygAXjQV0uiAqHnYMg5675VsvP%2FGqpLGkdhz6HORhvsysYRKCavlsQeET%2FbVS9noRS1Nj1grxSlAkKjvVodobhFWRloDSbPj8lP7VZC6U0aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087c88dcb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base.min.9c7dbd8d3858cb76c49b487bde47553e.js
200 OK 0 B URL HTTP/2 factmquint.com/etc.clientlibs/itau/clientlibs/clientlib-base.min.9c7dbd8d3858cb76c49b487bde47553e.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /etc.clientlibs/itau/clientlibs/clientlib-base.min.9c7dbd8d3858cb76c49b487bde47553e.js HTTP/1.1
Host: factmquint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://factmquint.com/?gclid=Cj0KCQG-W3V4wQ4bszpvqNNQ4bszwDm9JjUUrKUoaAtdCEALw_wcBAtdCEALw_wcBjwidSWBhGDFKGXCGfkxFGKF
Cookie: PHPSESSID=9i6ll9n8sec9tctut0mjcmvqor
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 16:52:54 GMT
content-type: application/javascript
last-modified: Sun, 29 May 2022 04:39:48 GMT
etag: W/"101eeb-5e01f21216d00"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdzp0lBYP5x2H3o%2FEPKUcoenRo6rHg6VLT62lywBM%2FFBcgpCok6PV2q53tYrRzgyDAdVONSNwLIJ0azb1lGMtnyFU%2B3X6JQcKh2YsaBYWckhZ7fVsR2MhMT13PgFYMVeCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd087d095db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
142.250.74.161
93.184.220.29
104.84.152.155
23.36.76.226
188.114.96.1