centrall-consultas.azurewebsites.net/renner/inicio/login.php
20.118.40.5301 Moved Permanently 0 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/renner/inicio/login.php
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Lojas Renner
GET /renner/inicio/login.php HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Date: Thu, 10 Nov 2022 02:10:57 GMT
Location: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8757
Expires: Thu, 10 Nov 2022 04:36:54 GMT
Date: Thu, 10 Nov 2022 02:10:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5652
Cache-Control: max-age=122058
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:58 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:05:16 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5652
Cache-Control: max-age=122058
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:58 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:05:16 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12189
Expires: Thu, 10 Nov 2022 05:34:07 GMT
Date: Thu, 10 Nov 2022 02:10:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JykuO5Sb9uqhRjq/7kWKPhyCJuRVKv4ryAGPNCH+wppz08pOaZsUgNOfStOYs2VyTzs83sRf/Ro=
x-amz-request-id: 41XSZRZTJKESNWC3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 01:11:56 GMT
age: 3542
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 02:10:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5434
Cache-Control: max-age=116785
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:58 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:37:23 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
54.230.111.72200 OK 97 kB URL HTTP/2 js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
IP 54.230.111.72:0
Hash 0cb5d50c13a219ff89bd52873bb2b09b
b57d5f994892b079f03689b7b04b41633b5ce34f
46959c68d0afef184354134e7016a793752ba192cb58cd0c9cd5a0381780a8ea
GET /jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js HTTP/1.1
Host: js-cdn.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://centrall-consultas.azurewebsites.net
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
date: Thu, 10 Nov 2022 01:55:17 GMT
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-source: Cluster
dynatrace-response-id: N48F3H5NKFJK
expires: Thu, 10 Nov 2022 02:55:17 GMT
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dKCpDFfK6g9WSZmIDDbDhJe20v4zY-Eg944xH8IMPWGpdRumQFTe1w==
age: 941
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
142.250.74.168200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (3707)
Hash bf27887ea7dabb06af7b74c21e3a57cd
aa4a958e880537649efba03aaf770a8f86caed4f
10cc027c90ddf753f8d753ed690703dcea4e500bcd8617e823dda86d59d09acb
GET /gtm.js?id=GTM-N2FTFQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 10 Nov 2022 02:10:58 GMT
expires: Thu, 10 Nov 2022 02:10:58 GMT
cache-control: private, max-age=900
last-modified: Thu, 10 Nov 2022 01:37:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
centrall-consultas.azurewebsites.net/renner/inicio/login.php
20.118.40.5200 OK 128 kB URL HTTP/1.1 centrall-consultas.azurewebsites.net/renner/inicio/login.php
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (667)
Size 128 kB (128232 bytes)
Hash 4e4dabf2a5daa9da15981e9db571badd
f629bc90f68c29e2ce6464ad352ac3af9fe6b5ea
22e66d3e6a0ea2d226d6a9d143f4000273a250e7b35bd8792b10d894001fd73d
Analyzer Verdict Alert openphish Lojas Renner
GET /renner/inicio/login.php HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Nov 2022 02:10:58 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Powered-By: PHP/8.1.6
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dOrUj9ZYnT3e5OW8AZ0+4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y/9L56/EBaAtWbCthROzT6qZGQ0=
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:10:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2435686
expires: Tue, 31 Oct 2023 02:10:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfxQT1dzZz35HXES%2BqvXMVskj8x8AyHtyrbcdZ%2F4NNxm3lP39mN0nDmCeXOiUfx2whkXQ9umaGuB03nO60oxbBhzIpwzcHGOSeh7PbL8eAF%2Fvlg9bcY%2F8lfejv3GKpXFSd3xWvDv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 767b413f6c181c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js
104.17.25.14200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (551)
Hash 5f345b49c5cccdac9d92d226c63c0848
51daf502544cba68c3b260b80782818edc3509b7
d783ef3c478b98da6c706b71289143dbe1546b59ab498eafc8011c535312c92f
GET /ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:10:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 2995
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-1f33"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1145804
expires: Tue, 31 Oct 2023 02:10:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsYd0cG%2Bg9kZYxuCTl7Kz7ArbpFl2l%2FeWy38cxiPYZrfbeSHb5egzOhQI5QPJs9W%2FmO%2BIJd60mQudOn%2FVwp%2BctEO76IuEDL1FCYmIsfqhuaKuZlZ4U9bJcdiZzC9NvY%2FLK0GG8YB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 767b413f6c191c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 952f908d8283855a70460d2f6bbcaf22
be97447f1f50f0ad67d15aa07425979da1a12694
6337d6ace429d0bc53cfebab8592c92c449ae969d92545d87f432321b4b494c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
142.250.74.132200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
IP 142.250.74.132:0
File type ASCII text, with very long lines (913), with no line terminators
Hash ef1bf8070b4ae88e35b1c8b87329edd9
5beb6f3e844c6dfa52e67f8f07a78b1f9983a6cc
941939d6c31a367d00a96b0c61f5280388d205db01527ca15fbfef08bc08f1af
GET /recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 10 Nov 2022 02:10:59 GMT
date: Thu, 10 Nov 2022 02:10:59 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da6ea2384d89dcf08521ba15aaa8c085
141a73f1f12700389cecb3548d37c2d5286e7a95
db36322a9271b8e877ba3b1b59c0b8783eb5e9ac8cddd9ecce4180904e7a1088
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
centrall-consultas.azurewebsites.net/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 02157d65de21f4bf3603b109c54cfa6e
4f7d40bba455a51b1737b788b1ffe67045ce7ed7
6a17496ff375d1ad922a1d82dcb8a0f76344db5b612b9ce3027a4cc7362ecbd4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112230
Date: Thu, 10 Nov 2022 02:10:59 GMT
Etag: "636b6106-1d7"
Expires: Fri, 11 Nov 2022 09:21:29 GMT
Last-Modified: Wed, 09 Nov 2022 08:12:54 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Lm1IHnIcpNh4ENpr6YSnASAuO0aH2fAG5kBVbMY6q7RjpiumoiF9aw==
Age: 4115
centrall-consultas.azurewebsites.net/cartoes-renner/js/3.bundle-b50fd5103304ce6835d8.js
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/js/3.bundle-b50fd5103304ce6835d8.js
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/js/3.bundle-b50fd5103304ce6835d8.js HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
centrall-consultas.azurewebsites.net/cartoes-renner/js/2.bundle-f1f55db44dc2d8d8d302.js
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/js/2.bundle-f1f55db44dc2d8d8d302.js
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/js/2.bundle-f1f55db44dc2d8d8d302.js HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
centrall-consultas.azurewebsites.net/cartoes-renner/vectors/whatsapp.svg
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/vectors/whatsapp.svg
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/vectors/whatsapp.svg HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
centrall-consultas.azurewebsites.net/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/js/vendors.bundle-859d26788acf215a201a.js HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
centrall-consultas.azurewebsites.net/cartoes-renner/vectors/bg-login.svg
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/vectors/bg-login.svg
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/vectors/bg-login.svg HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
142.250.74.163404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b35bf41523a1b108c2e5489a200c43ef
c4c50b01ef2b5bcabd088fb5b9faaca457501539
0f9046a19a383093b46afd95f765da649aef27e968bd9e2fb490ea95570087ec
GET /recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 02:10:59 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
centrall-consultas.azurewebsites.net/cartoes-renner/js/main.bundle-af99510fd5623f73dd00.js
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/js/main.bundle-af99510fd5623f73dd00.js
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/js/main.bundle-af99510fd5623f73dd00.js HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
52.67.179.114200 OK 9.2 kB URL HTTP/1.1 cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
IP 52.67.179.114:0
File type ASCII text, with very long lines (22651), with no line terminators
Hash bb462b00b14c20c1058237a188f4033b
6cb3f0724e5b750d6d1ae92518a9126314368e7b
ff1a4463eadc1c7e0bce4edd7635a026f7106130efd1c27bd4bb8af6104edf08
GET /df/tag.js?id=PM-N2FTFQ HTTP/1.1
Host: cdn.pmweb.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=300
Content-Encoding: gzip
Content-Type: application/javascript
Date: Thu, 10 Nov 2022 02:10:59 GMT
ETag: W/"63599006-587b"
Expires: Thu, 10 Nov 2022 02:15:59 GMT
Last-Modified: Wed, 26 Oct 2022 19:52:38 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
Content-Length: 9197
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:10:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Regular.woff2
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Regular.woff2
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Regular.woff2 HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
142.250.74.163404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 2bcfb6dcc238a9318d881634b323949c
3f8e3147f383aafb815bf61b54d567d26923de94
88f8e2b0e7d741f0dc9675d5f2ddafbec5aab1ccffac36539d5098197f3e5b86
GET /recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 02:10:59 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Bold.woff2
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Bold.woff2
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Bold.woff2 HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Black.woff2
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Black.woff2
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Black.woff2 HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Regular.woff
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Regular.woff
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Regular.woff HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Bold.woff
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Bold.woff
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Bold.woff HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Black.woff
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Black.woff
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Black.woff HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Light.woff2
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Light.woff2
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Light.woff2 HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Regular.ttf
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Regular.ttf
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/fonts/Roboto-Regular.ttf HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Bold.ttf
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Bold.ttf
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/fonts/Roboto-Bold.ttf HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 5baffd4790d0daf2fc26aad552086385
745e4ee28cbffec5f36eed5aef690a265b598bdc
202106109e223971f38b414f6ee68582b5b3de5ac11b42b53fc63f8481be5b53
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156529
Date: Thu, 10 Nov 2022 02:10:59 GMT
Etag: "636c057d-1d7"
Expires: Fri, 11 Nov 2022 21:39:48 GMT
Last-Modified: Wed, 09 Nov 2022 19:54:37 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ezfOE52ViRjYBOFJJX1lUz4jlyP8lzK4iUZkKJ82kkSe5npMJQXvig==
Age: 6312
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Black.ttf
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Black.ttf
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/fonts/Roboto-Black.ttf HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048055234|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:10:59 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Light.woff
20.118.40.5404 Not Found 153 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Light.woff
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ac5ea41aae137cead073d37a7bb732bc
85bde4b57e1f38bd7ff0e6cf4b6ac5f626a5fbae
fcdc802dabd14bed15efb9235ee0decac4adb6908dca03eeba74e2bf8f4eb5a7
GET /cartoes-renner/fonts/Roboto-Light.woff HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h2vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048056300|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Length: 153
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:11:00 GMT
Server: nginx/1.22.0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 02:11:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 02:11:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 02:11:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 02:11:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18398
Expires: Thu, 10 Nov 2022 07:17:38 GMT
Date: Thu, 10 Nov 2022 02:11:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d398b5d30ea461015a3abba3b028ef97
9036a9a8a0904abf68a8f6046505a806c840e056
2cf47136f257e9484ea11928b181976c4961a58b95020d1abb8e68d280099931
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: 8c503d98-3659-40e7-9337-9f02502e9536
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniH4YoAMFfBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-6feb60720a37636e21e1be8f;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: L6GG4yINgps8PfnOb72tBcW34IcJKiQ9xjPZeZ_aI_HFHN1KYZbYOw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 16070
etag: "9036a9a8a0904abf68a8f6046505a806c840e056"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aeb648ba8ff2bcbb363004559ced5b87
25c8230dc14cfc31d8660b8ea8a72f3ac881ea7e
3eb0d98cc52b574f7496061ab00d6276c7a83ca1be7b7974a932a7827a9dd4b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3319
x-amzn-requestid: 4720d817-e198-4cae-b14c-b78972e7dd05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkGdMIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-6c3edabf3f07e37951156122;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DM1zgiiuwGAtsVQj7S-Nz7N8_NvgUdw8JceoQtBRJrNg9iUmpfBY3w==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 16070
etag: "25c8230dc14cfc31d8660b8ea8a72f3ac881ea7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 14100
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 899d03c61f3b79a2176e6cdbaa7441f0
afc8ee4a5b899e95c4b229d48494ae058bfa4c33
62b52d966cd4216513a0c0cc12f9faa9c2fbb0d4707a458c247047c455b2b6e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10006
x-amzn-requestid: 322dbafd-30b5-43b5-a077-aa729ffbc91f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWl_1EKfoAMFS6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d31-242c7c5c5f670e7332c2fa36;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XzhwtvrTl7H_zSjppLfNv74vQAnuzDBupbcVWrgbR0Y1w4yWWh4KCg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:56:35 GMT
age: 15265
etag: "afc8ee4a5b899e95c4b229d48494ae058bfa4c33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6xhB_vy5Aj6ScBQuTwWX93HFG5eS3SZHr7dP2Qsz-Q1P1pcXk339gQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 16070
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 16070
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Light.ttf
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/fonts/Roboto-Light.ttf
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/fonts/Roboto-Light.ttf HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h2vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048056300|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:11:00 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5f7ae4f7e16dbaf182d15d2bf90296d7
04048ef1e014b686a7057df38d265adce0d07806
0a8094c7292d6613caf3061e0b9a6fd85cc5b5383ada88f6bc27577af8a75f2c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 12:18:13 GMT
Expires: Tue, 15 Nov 2022 12:18:12 GMT
Etag: "04048ef1e014b686a7057df38d265adce0d07806"
Cache-Control: max-age=467831,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767b4146bdccfab4-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5f7ae4f7e16dbaf182d15d2bf90296d7
04048ef1e014b686a7057df38d265adce0d07806
0a8094c7292d6613caf3061e0b9a6fd85cc5b5383ada88f6bc27577af8a75f2c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 12:18:13 GMT
Expires: Tue, 15 Nov 2022 12:18:12 GMT
Etag: "04048ef1e014b686a7057df38d265adce0d07806"
Cache-Control: max-age=467831,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767b4146dfc3b517-OSL
s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
16.12.0.4200 OK 0 B URL HTTP/1.1 s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
IP 16.12.0.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frame-image-br/bg.png?x-id=real&x-r= HTTP/1.1
Host: s3-sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PodYkEtRwIzDPit7QUBziBMRsQ3anEf36cQ7Sb9g7KUu67oWfOQqzer2m4vgAgiKJoKGMu3n6rM=
x-amz-request-id: AJ49GC32GR3TKC1J
Date: Thu, 10 Nov 2022 02:11:01 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 0
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5f7ae4f7e16dbaf182d15d2bf90296d7
04048ef1e014b686a7057df38d265adce0d07806
0a8094c7292d6613caf3061e0b9a6fd85cc5b5383ada88f6bc27577af8a75f2c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 12:18:13 GMT
Expires: Tue, 15 Nov 2022 12:18:12 GMT
Etag: "04048ef1e014b686a7057df38d265adce0d07806"
Cache-Control: max-age=467831,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767b4146db06b51d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5f7ae4f7e16dbaf182d15d2bf90296d7
04048ef1e014b686a7057df38d265adce0d07806
0a8094c7292d6613caf3061e0b9a6fd85cc5b5383ada88f6bc27577af8a75f2c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 12:18:13 GMT
Expires: Tue, 15 Nov 2022 12:18:12 GMT
Etag: "04048ef1e014b686a7057df38d265adce0d07806"
Cache-Control: max-age=467831,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767b4146dbb0b527-OSL
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge.svg
200.248.113.245200 OK 4.1 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge.svg
IP 200.248.113.245:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10785)
Hash 1c129f8fb2eacc18c9fb615f27cd120d
046ac834889efee3a7a7184ef09a1fd76dc9ac6a
234865093b4eebfc55170640bd67c45c09a2d3754ea78196bb14534032aaff76
GET /cartoes-renner/vectors/google-play-badge.svg HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c2467-2a22"
Server-Timing: dtSInfo;desc="1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_11_sn_A4FBDF825345E50F44B3781EBDF8EB03_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_0; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!Dq1I6hBHA1BUGZkwvU4xC4Cc5ENYpXtuJb1SBRRNV7ip2HOAfRL70hLi6HKFosl/K6OOCJfdhnZsQ14=; path=/
TS0129a473=01c0c864952bb2dab0b803d57f6cf7858739cf9ea785bdb52c98e4b514437503d751e65817c8c19b8fd65cf08f25c17afb2659895e; Path=/
TS01fa365e=01c0c864952bb2dab0b803d57f6cf7858739cf9ea785bdb52c98e4b514437503d751e65817c8c19b8fd65cf08f25c17afb2659895e; path=/; domain=.realizesolucoesfinanceiras.com.br
Transfer-Encoding: chunked
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge-reverse.svg
200.248.113.245200 OK 4.1 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge-reverse.svg
IP 200.248.113.245:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10788)
Hash 7b19842be289959083f32598c7a28948
cf017a80268641be5d07e92752bf8d9810e9784a
fcdcdc5d4255b28025c96a0a5cebf4c63d6f76dd51b0dbe2ba5e34d080257d21
GET /cartoes-renner/vectors/google-play-badge-reverse.svg HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c2467-2a25"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1599329899"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_2_sn_473D27EEAEBBA7CDAEC98FFB4E805508_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_0; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!OT4lmBkbGOAYpAowvU4xC4Cc5ENYpUNDUO+XpndSKbDrlMFwuvrLp6Tl0sjlOXzHvOIdxzauvU8dzeI=; path=/
TS0129a473=01c0c86495d04fc7ae95d81c5a436c9af37ea78d0b94de020d3d46a690ca1647bce24808c9f3470eab8865343b0df6605676e63f5f; Path=/
TS01fa365e=01c0c86495d04fc7ae95d81c5a436c9af37ea78d0b94de020d3d46a690ca1647bce24808c9f3470eab8865343b0df6605676e63f5f; path=/; domain=.realizesolucoesfinanceiras.com.br
Transfer-Encoding: chunked
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/app-store-badge.svg
200.248.113.245200 OK 3.2 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/app-store-badge.svg
IP 200.248.113.245:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (14261)
Hash 668f84fa44206efd24ee39cc62335448
2e30dbcadf25bb30cd215c730697f78bc5cb7169
4c6d88babbcc1b9aa250e2cfcb04d7af282a7e8b093e5ed0bde51fc64b2efead
GET /cartoes-renner/vectors/app-store-badge.svg HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c2467-37b6"
Server-Timing: dtSInfo;desc="1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_9_sn_1D3E0894B838C345E5049DC0D5FA2453_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_0; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!gd9bY6IeXAA5EtUwvU4xC4Cc5ENYpcHXgUl7G7x4VPUVZvQ8VaD/XqV+zhAowJhBzcAgRhNi6HdQOCQ=; path=/
TS0129a473=01c0c864959d1fac357c6156438491f0806f24d95ca1f73c2e1915c2d29eb0aa4dfae11ec67871ff4ed7fe2ee6da9c83d8ce86da60; Path=/
TS01fa365e=01c0c864959d1fac357c6156438491f0806f24d95ca1f73c2e1915c2d29eb0aa4dfae11ec67871ff4ed7fe2ee6da9c83d8ce86da60; path=/; domain=.realizesolucoesfinanceiras.com.br
Transfer-Encoding: chunked
df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=159301668046256049&sid=177701668046256049&pvw=5f4df7b0-2e87-4e77-a827-752b9bfe437c&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php
52.67.179.114200 OK 2 B URL HTTP/1.1 df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=159301668046256049&sid=177701668046256049&pvw=5f4df7b0-2e87-4e77-a827-752b9bfe437c&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php
IP 52.67.179.114:0
File type ASCII text, with no line terminators
Hash 50585be4e3159a71c874c590d2ba12ec
fb17882585bbfe9c55733a6e46a265ddaea6957a
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
GET /push/?aid=PM-N2FTFQ&cid=159301668046256049&sid=177701668046256049&pvw=5f4df7b0-2e87-4e77-a827-752b9bfe437c&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php HTTP/1.1
Host: df.pmweb.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://centrall-consultas.azurewebsites.net
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://centrall-consultas.azurewebsites.net
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/plain
Date: Thu, 10 Nov 2022 02:11:00 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Set-Cookie: _pm_uid=159301668046256049; path=/; domain=pmweb.com.br; secure; Expires=Sat, 09-Nov-2024 02:11:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Length: 2
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 10 Nov 2022 00:41:09 GMT
expires: Thu, 10 Nov 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 5391
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=103686931.1660754357
142.250.74.174200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=103686931.1660754357
IP 142.250.74.174:0
File type ASCII text, with very long lines (1921)
Hash 6900bbda6ff601f9be96e10a573ee2b7
eaac030c395b1377ae8c1bf5e5ae3c0e5585983e
0f053687a68170d62ac949a6b2e6e3e63193722543c5915b9cbbab0bcb1aa91a
GET /gtm/js?id=GTM-W9SBWRL&cid=103686931.1660754357 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 10 Nov 2022 02:11:01 GMT
expires: Thu, 10 Nov 2022 02:11:01 GMT
cache-control: private, max-age=900
last-modified: Thu, 10 Nov 2022 01:37:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.194200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (2776)
Hash 0ec35bf4ee8edc7d97d93b3abb843677
a4a5b7745b341e1f22ad10772708afcf177ff75c
ff5adf1fb4025b837ba1e2e0578bc72457150ebf0a860a49915937670bb19347
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 10 Nov 2022 02:11:01 GMT
expires: Thu, 10 Nov 2022 02:11:01 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8989168773380769951
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
centrall-consultas.azurewebsites.net/favicon.ico
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/favicon.ico
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /favicon.ico HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h1vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048056300|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:11:01 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221107/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221107/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221107/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 09 Nov 2022 15:43:02 GMT
expires: Wed, 23 Nov 2022 15:43:02 GMT
cache-control: public, max-age=1209600
age: 37679
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=centrall-consultas.azurewebsites.net
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=centrall-consultas.azurewebsites.net
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=centrall-consultas.azurewebsites.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 02:11:01 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=centrall-consultas.azurewebsites.net
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=centrall-consultas.azurewebsites.net
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=centrall-consultas.azurewebsites.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 02:11:01 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/celular-login.png
200.248.113.245200 OK 155 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/celular-login.png
IP 200.248.113.245:0
File type PNG image data, 379 x 485, 8-bit/color RGBA, non-interlaced\012- data
Size 155 kB (155176 bytes)
Hash e624d089f9b2fff768b6b592285a4f12
bef94cbbf3c93e3cc8cc45975065216efc046336
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
GET /cartoes-renner/images/celular-login.png HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:11:00 GMT
Content-Type: image/png
Content-Length: 155176
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
ETag: "633c2467-25e28"
Server-Timing: dtSInfo;desc="1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
Set-Cookie: dtCookie=v_4_srv_8_sn_B1D6C294F990D7C09DFAF42EBA46CAFF_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_1; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!6pcjUl3FOPfQZsUqNFeX7h66++5lCHiOo6mftKT9owA+FEis9/LqrqXRZSBujXK5Fdm15etTwT5FyjU=; path=/
TS0129a473=01c0c8649507da6775af516f04f423247ea84736ba1410e1d74a18ed1928286f50dcf1a2ff057a5e4635eedf559ec15c988892579b; Path=/
TS01fa365e=01c0c8649507da6775af516f04f423247ea84736ba1410e1d74a18ed1928286f50dcf1a2ff057a5e4635eedf559ec15c988892579b; path=/; domain=.realizesolucoesfinanceiras.com.br
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 182f8aecb00a9b97401d839e1e7f5629
05e5f7d37f06fbf503d139746300f2dcf22616ce
8e15a57041c72ef89daa376d714d4f8ec8139c164e5286fff51766b159a0df40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=centrall-consultas.azurewebsites.net&callback=_gfp_s_&client=ca-pub-7890629395260020&gpid_exp=1
172.217.21.162200 OK 257 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=centrall-consultas.azurewebsites.net&callback=_gfp_s_&client=ca-pub-7890629395260020&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (401), with no line terminators
Hash e24e73a2baf9d1913633f0de9874d225
75d2c8a7ef113d7660cb56d69b2ca2114d7e3ce2
e37401f5bc065db841e7185d61dc69a28959a38eae8ff3d6f84e521330c38ca6
GET /gampad/cookie.js?domain=centrall-consultas.azurewebsites.net&callback=_gfp_s_&client=ca-pub-7890629395260020&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 10 Nov 2022 02:11:01 GMT
server: cafe
cache-control: private
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 182f8aecb00a9b97401d839e1e7f5629
05e5f7d37f06fbf503d139746300f2dcf22616ce
8e15a57041c72ef89daa376d714d4f8ec8139c164e5286fff51766b159a0df40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 119e5814bf97cc28488dd0c89752f798
c0c9d06895d9821e225697bad269390031a05ac4
d0bc12eee3b4591bfbd69b03c8e59a5c0d0cefeeee0cc7fc7020f5e04f09d381
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:11:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 10 Nov 2022 02:11:01 GMT
expires: Thu, 10 Nov 2022 02:11:01 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 13:23:21 GMT
expires: Thu, 09 Nov 2023 13:23:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 46060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
centrall-consultas.azurewebsites.net/cartoes-renner/vectors/bg-login.svg
20.118.40.5404 Not Found 114 B URL HTTP/1.1 centrall-consultas.azurewebsites.net/cartoes-renner/vectors/bg-login.svg
IP 20.118.40.5:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /cartoes-renner/vectors/bg-login.svg HTTP/1.1
Host: centrall-consultas.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/renner/inicio/login.php
Cookie: dtCookie=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC; rxVisitor=1668046255223KNT2K8FBRP8SJNGRJKD9BBCM1IP84E75; dtPC=-60$46255218_345h-vOWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0e0; rxvt=1668048058137|1668046255227; dtLatC=430; dtSa=-; _pm_id=159301668046256049; _pm_sid=177701668046256049; _ga=GA1.3.693500141.1668046257; _gid=GA1.3.1084159157.1668046257
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Thu, 10 Nov 2022 02:11:03 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 6c8899144d958112388dc30bba20f61a
a25f8c4abe9c6d0b857fc30a9ed35addb40430de
fb2f8a233f6b0620dd36fa04b321eda5f3303f94f374c0643b730bc00b3af638
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114350
Date: Thu, 10 Nov 2022 02:11:03 GMT
Etag: "636b6c4d-1d7"
Expires: Fri, 11 Nov 2022 09:56:53 GMT
Last-Modified: Wed, 09 Nov 2022 09:01:01 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: t_qM2_XB7PTuFNYtJrqUiDyQXLqXgHEWphrrucFySh-y-c1FfiHplQ==
Age: 3352
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC&svrid=-60&flavor=cors&vi=OWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0&modifiedSince=1667815146717&rf=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&bp=3&app=189e25234ffe70ce&crc=386919976&en=ovxxhecl&end=1
204.236.235.35200 OK 703 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC&svrid=-60&flavor=cors&vi=OWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0&modifiedSince=1667815146717&rf=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&bp=3&app=189e25234ffe70ce&crc=386919976&en=ovxxhecl&end=1
IP 204.236.235.35:0
File type ASCII text, with very long lines (703), with no line terminators
Hash 172a7dc6cf5739f35d07cd1672b6c386
ac3534b24b996738aca80f626bf4efdd0466cd25
9876d411028aaf3373de13ad70489fc6ccdc756eb638cdf3b7960f56d5427a47
POST /bf?type=js3&sn=v_4_srv_-2D60_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC&svrid=-60&flavor=cors&vi=OWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0&modifiedSince=1667815146717&rf=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&bp=3&app=189e25234ffe70ce&crc=386919976&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2330
Origin: https://centrall-consultas.azurewebsites.net
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:11:03 GMT
content-type: text/plain;charset=utf-8
content-length: 703
set-cookie: dtCookie=v_4_srv_7_sn_C709E899EAD7FB3D6838C604BCCE9EDA_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: https://centrall-consultas.azurewebsites.net
cache-control: no-cache
X-Firefox-Spdy: h2
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_12_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=12&flavor=cors&vi=OWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0&modifiedSince=1668022163877&rf=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&bp=3&app=189e25234ffe70ce&crc=639530834&en=ovxxhecl&end=1
204.236.235.35200 OK 211 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_12_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=12&flavor=cors&vi=OWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0&modifiedSince=1668022163877&rf=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&bp=3&app=189e25234ffe70ce&crc=639530834&en=ovxxhecl&end=1
IP 204.236.235.35:0
File type ASCII text, with no line terminators
Hash 7e348c98890ffe037002bcb7d84fa8fe
ae13a93500ef24f96148af6c757be27633373ff1
4a2d1623592b9f3d4431ad9dc696c53013ffced4dffb668f6bba7339fb8307c4
POST /bf?type=js3&sn=v_4_srv_12_sn_GO2NPIJHJRVKTQFPV48VNLAQ5OE8A3GC_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=12&flavor=cors&vi=OWMSBJURCAIKQLEATHBBVHCIDWPCRCRQ-0&modifiedSince=1668022163877&rf=https%3A%2F%2Fcentrall-consultas.azurewebsites.net%2Frenner%2Finicio%2Flogin.php&bp=3&app=189e25234ffe70ce&crc=639530834&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8785
Origin: https://centrall-consultas.azurewebsites.net
Connection: keep-alive
Referer: https://centrall-consultas.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:11:05 GMT
content-type: text/plain;charset=utf-8
content-length: 211
set-cookie: dtCookie=v_4_srv_4_sn_382FCA082C30081ABEFEE4023B788D46_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: https://centrall-consultas.azurewebsites.net
cache-control: no-cache
X-Firefox-Spdy: h2