Report - track.dublicitly.com/ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3

Report Overview

Submitted URL
track.dublicitly.com/ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3
IP
185.103.37.69
ASN
#29119 ServiHosting Networks S.L.
Submitted
2022-11-26 13:25:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
igoal.go2cloud.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.9 kB	18.202.12.61
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
img.selecoesbrasil.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	88 kB	104.21.47.189
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	21 kB	142.250.74.174
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.5 kB	23.36.76.226
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.96.8
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
popups.rdstation.com.br	65718	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	698 B	292 B	34.68.90.188
pageview-notify.rdstation.com.br	77269	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	521 B	872 B	35.223.116.65
track.dublicitly.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	757 B	185.103.37.70
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
campanha.protestemarketing.com.br	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	12 kB	172.67.208.176
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	4.6 kB	104.17.24.14
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	47 kB	142.250.74.168
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	2.0 kB	142.250.74.10
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	72 kB	216.58.207.195
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	3.7 kB	143.204.55.84
d335luupugsy2.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	63 kB	54.230.245.19
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.5 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	60 kB	34.120.237.76
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	633 B	724 B	142.251.1.156

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	track.dublicitly.com/ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 02:12:39 Times Seen37029432 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	img.selecoesbrasil.com.br/edm_megaconcurso_proteste_201902_ms_script.js	1.1 kB	2023-03-11	2023-03-11
Pretty URL img.selecoesbrasil.com.br/edm_megaconcurso_proteste_201902_ms_script.js IP 104.21.47.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:43:19 Last Seen2023-03-11 20:43:19 Times Seen1 Hash d91e56e216e40c50ea7615171788386e 98eb664b489d74df5bb80cd9720de7428433159d e544896ee7861ebd26e1f38ef0a537b833027196cbb18fd4a27cb63ea4ae9b38 Loading...

	d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1	200 kB	2023-03-07	2023-03-17
Pretty URL d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 IP 54.230.245.19 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:05 Last Seen2023-03-17 12:50:48 Times Seen1 Hash 0a0bef50edfc2af9f370cfb82f2893a9 db40091f535c421bc782f86a40b773dfc0f80f37 2d9b0723fd642409b97cec9d665b72a0ffc30f7cab69354bcf1317672737e95e Loading...

	static.hotjar.com/c/hotjar-2823494.js?sv=6	7.6 kB	2023-03-11	2023-03-11
Pretty URL static.hotjar.com/c/hotjar-2823494.js?sv=6 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:43:19 Last Seen2023-03-11 20:43:19 Times Seen1 Hash b6c94dbacd889067535da99d81b66e4d 710b81094e796151c1914b7561a2ace814812173 acf77a0083784e1a8bea7b417551e033ded1146dbfe70688fa0b2de496caa027 Loading...

	d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js	2.1 kB	2023-03-07	2024-04-23
Pretty URL d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:22 Last Seen2024-04-23 15:26:48 Times Seen289 Hash 361325c86c17ebc03ff0f4d88d267a83 cdaaea7beea1fa3940cd5586a99515e442724029 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df Loading...

	d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1	14 kB	2023-03-07	2023-03-29
Pretty URL d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1 IP 54.230.245.19 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:32 Last Seen2023-03-29 23:06:59 Times Seen11 Hash 2fc673c2c57275d3e77e5e4615b1243c 62e2cd4fc0faaad29dd3023df180b764375e2d01 d90b54433ae9944b0986c244d76712a935aa2936176822f901dccb2fb94a82b3 Loading...

	campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1	364 B	2023-03-10	2023-03-11
Pretty URL campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1 IP 172.67.208.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:35:55 Last Seen2023-03-11 20:43:19 Times Seen1 Hash 6e09a7c375c1472d75f7dd51664ca636 4c92ba8982fe7ed18dcb2b888f3296f97c8bb8c2 4f6f7f3a5304a72fc8d4a1f512cea9322554c725a98e335281b30cdc162be4ca Loading...

	campanha.protestemarketing.com.br/Scripts/func_js.js	2.4 kB	2023-03-10	2023-03-11
Pretty URL campanha.protestemarketing.com.br/Scripts/func_js.js IP 172.67.208.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:35:55 Last Seen2023-03-11 20:43:19 Times Seen1 Hash 23a0eeb38be2953fd1dc45540648aa6b 872b34aba6875e03f8dc4bb12a72ab969835fb6a 95960b5a9c38932c8f045e2d9485080b121d2c94faccddbdecfc8af5267afce9 Loading...

	img.selecoesbrasil.com.br/jquery.min.js	93 kB	2023-03-07	2024-04-19
Pretty URL img.selecoesbrasil.com.br/jquery.min.js IP 104.21.47.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:30 Last Seen2024-04-19 21:21:38 Times Seen704 Hash 33d85132f0154466fc017dd05111873d 161b78ec52f28657a835e4a5423f03782fd35806 4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	d335luupugsy2.cloudfront.net/js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js	3.8 kB	2023-03-10	2023-03-11
Pretty URL d335luupugsy2.cloudfront.net/js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js IP 54.230.245.19 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:35:55 Last Seen2023-03-11 20:43:19 Times Seen1 Hash 42fe7ec5ef271ecfe3597b1c25238c8b 774a30e2eb6281fc6f8d4e21a13123df67054dbd c2dbb6352bebee39de8defe7e6b9fc683ad8ed27385fbbc7f696063d28e4f0e1 Loading...

	campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1	390 B	2023-03-11	2023-03-11
Pretty URL campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1 IP 172.67.208.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:43:19 Last Seen2023-03-11 20:43:19 Times Seen1 Hash e58adcff0d76005e53043d2f28da1328 fc350f90640089c7c00ab44e3789ad9ffe88d4d2 ad34650c8a6f0749de5b15d0a94f4b0661585a68eac17ccaca7a9cce011021f4 Loading...

	campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1	229 B	2023-03-10	2023-03-11
Pretty URL campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1 IP 172.67.208.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:35:55 Last Seen2023-03-11 20:43:19 Times Seen1 Hash 9202a88dad17034785afd6ad7cfde518 c5f6d75e2ae09d31e6b066b8bf0412dabab3b809 21c23115218da10334549acb4ffa2154eba72c320d6e67e58e1194a05e43f4b6 Loading...

	d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js	1.9 kB	2023-03-07	2023-03-17
Pretty URL d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js IP 54.230.245.19 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:23:27 Last Seen2023-03-17 12:50:47 Times Seen1 Hash 60c4a92725ecad7b22391e314ecef104 14aef5761172d45367e5ff4f17f7785be856a1e5 a700f834d4539a4edfcd428adc332217c53a0cf7bdb9436e4703d25b6cde2cf4 Loading...

HTTP Transactions (63)

URL IP Response Size

track.dublicitly.com/ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3

185.103.37.70

303 See Other

283 B

URL HTTP/1.1
track.dublicitly.com/ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3
IP
185.103.37.70:0
ASN
#29119 ServiHosting Networks S.L.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (337)
Size
283 B (283 bytes)
Hash
b11dd69fe3f480328d7c9d193c107d65
ba3d7e53d5068d08ffe24ac78d1e2add7e2a9c0d
818263aceedb45a9c2b05ee272ca13cdf51536506d54457296a41f63e40066af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3 HTTP/1.1
Host: track.dublicitly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Date: Sat, 26 Nov 2022 13:25:10 GMT
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-cache, private
Location: http://igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=
Content-Encoding: gzip
Age: 0
Vary: , Accept-Encoding
TP-Cache: MISS
Content-Length: 283
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 13:25:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5945
Cache-Control: max-age=168303
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:10 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 12:10:13 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 13:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 357
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7489
Expires: Sat, 26 Nov 2022 15:29:59 GMT
Date: Sat, 26 Nov 2022 13:25:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: qwZSw2XBZdmS/siXtZkY535D7l/fOlfUVM91kAuJu+4tj2MKUND4FxoXSTVgOdD2p5TGD5i6TzE=
x-amz-request-id: D7CV976E50A3D382
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 12:41:12 GMT
age: 2638
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=

18.202.12.61

302 Found

334 B

URL HTTP/1.1
igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=
IP
18.202.12.61:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
334 B (334 bytes)
Hash
8b22b05e3208e0650748a733313caabf
a2f72e65621320d7df1dad81ade9560db4da6052
0d27acef9bae0d97b3211279cd26b2f0d09a988e83376477fe5cd893841ef158

HTTP Headers

GET /aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3= HTTP/1.1
Host: igoal.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 26 Nov 2022 13:25:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_5311=44765; expires=Sun, 27 Nov 2022 13:25:10 GMT; path=/; SameSite=None; Secure
Access-Control-Allow-Origin: *
X-Request-Id: 2023aa8340a6e617b4d090d73f8eac0e
Access-Control-Allow-Headers: Tune-SDK-Version

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 13:25:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a2186c7e15e892546188856bc7800e0f
4c40ca059a94d31c0281977dc054ba359052df0d
5f3a18254e4b2335ec708bc1285ee63ed6884e5d794e46567c9b822bf9f9592a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101149
Date: Sat, 26 Nov 2022 13:25:10 GMT
Etag: "6380edac-1d7"
Expires: Sun, 27 Nov 2022 17:30:59 GMT
Last-Modified: Fri, 25 Nov 2022 16:30:36 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3tPK1e2E6U-cLT-y8C9-S97nfon_Aec_D99H1lMgGCwcF-mGp944VQ==
Age: 3624

igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=

18.202.12.61

302 Found

246 B

URL HTTP/1.1
igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=
IP
18.202.12.61:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
246 B (246 bytes)
Hash
51dcb6c1e699cb4105b6e3d6413b3496
e096559c67d327408a408b914e87084ad382d9a7
95ab4c3c40e428d7932a79a8c7ff64a2e1b7d61744ca16d2d394466101c76112

HTTP Headers

GET /aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3= HTTP/1.1
Host: igoal.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 26 Nov 2022 13:25:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 246
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://campanha.protestemarketing.com.br/engine?mktcode=GUKP21
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_5311=44765; expires=Sun, 27 Nov 2022 13:25:10 GMT; path=/; SameSite=None; Secure
enc_aff_session_5311=ENC0344300741fd4a8c6df785f85c8ff0aede6c40f6b045be856bff5646c119729fe8cd65d46eca5957f1e8ea765f79bf4cd8148e3d71e59755964c373e4a457fa4497e8aac61a3461ce52fae274c3c2e089feaff7dcf591f6ee210019c1857d026d7d7d2edba539e76a586dfbbf5f3dcbe1ba861ecdeb3d118abd9897b59045726254d22db90a39267b60510960e4530e3d859f728b0c0438417648a8d5527ef78712cc2942d; expires=Sat, 03 Dec 2022 13:25:10 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Tue, 21 Oct 2025 00:05:10 GMT; path=/; SameSite=None; Secure
Tracking_id: 1028580e50afa81d5e6112032d577d
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 8cd3457a68ee2d203b2daac4742c2ec5
Access-Control-Allow-Headers: Tune-SDK-Version

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 13:08:54 GMT
cache-control: public,max-age=3600
age: 977
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1622
Cache-Control: max-age=158922
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:11 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 09:33:53 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

campanha.protestemarketing.com.br/engine?mktcode=GUKP21

172.67.208.176

302 Found

262 B

URL HTTP/1.1
campanha.protestemarketing.com.br/engine?mktcode=GUKP21
IP
172.67.208.176:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
262 B (262 bytes)
Hash
89c23abfb02de3afa666d50d15faedaf
8a09fee4dc79d8d9b1509271bbd94946c80c1a41
8871ee87b51d57d070eb3b4c58fa3c8c1e7ee8fd14877707bf53e8930ca9ebb9

HTTP Headers

GET /engine?mktcode=GUKP21 HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 26 Nov 2022 13:25:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Location: /oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Set-Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl; path=/; HttpOnly; SameSite=Lax
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCbc4j6rXmxbqxz4WuAjHC2akY4nwYKNVaFXH4G20Sm7L6d%2BnA%2BNUFL93lwDJw%2F%2BbG9RcyZgWNQDLpBoZKxOlGCFu6AMPMA8biIB7UILJxqSsm6BDgDktW8leGXCcZR5zhD8AfmlX%2BkDbsPdkryn32LaR50%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2d728510b65-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

52.39.96.8

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.96.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VErqqUyTlYTK7D+ROVdWAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 85xeei6OZdAjekroK9T2RB0L6qQ=

campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1

172.67.208.176

200 OK

2.3 kB

URL HTTP/1.1
campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
IP
172.67.208.176:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (474), with CRLF, LF line terminators
Size
2.3 kB (2259 bytes)
Hash
ca9a0409d651b2e13acc7e13b9523855
1c674a203677cd8bf95ec588edfacaeb8bdcd5da
5e7661db1ff9370703c22b15d88cd5360612bd5c6023412143cbbb1e7ef06b6d

HTTP Headers

GET /oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1 HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:25:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkWShKW%2F482%2F%2BcfFmJ626uWWcqDv7ubWrlhEVMb7EZnSstPizwH60b8BSkFMPAotizEPIURarWVaqIw4bBjI0br%2BXKpWCLNEOJgpCWZfoTay4IL9AnFeh%2B8vRCpglDg8co4UFnQlVKA6hZ7AY6r6%2BQuAfes%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2da8c120b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css

104.17.24.14

200 OK

3.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (57790)
Size
3.5 kB (3541 bytes)
Hash
ff6b787c5ff15f7b97e551a6d8a2849e
18229205ca4f08163d2abf04dfe21e01a4565248
dd1520af68e81f23c6cc87b999d755e3bf9075258121e621a9f51a51833248f0

HTTP Headers

GET /ajax/libs/animate.css/3.7.0/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:11 GMT
content-type: text/css; charset=utf-8
content-length: 3541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-e283"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1281436
expires: Thu, 16 Nov 2023 13:25:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0DX5W1VWflSuzKE40y78m3t52dM%2Bjc4GZaPPGajmD5oOPkwf06X%2BaLVTP2xi1SNL2dscdTbzjxMm56MAGOYBA%2FGfwMMZ8EiSiIHe9FMdolHIdigLDcUZ1dAL4OoqAW9qL83my4e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7702f2dd5e640b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
864526b24e1614aba97c400144e5a66b
7a012a75650846faad2abb5e1970a797d94efa02
5642ebb5a59ee4388f8dd00f5b5c9f8b10729f6cbf52014ff13f09ed0310aef3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113356
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:11 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: nginx
Content-Length: 278

www.googletagmanager.com/gtm.js?id=GTM-KLL3N3

142.250.74.168

200 OK

47 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KLL3N3
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2595)
Size
47 kB (46651 bytes)
Hash
d17d99bf65120b3da498ceda1a87c36a
ec713cc7518c0234838c082b97d5464f01b727ea
75b23c26da65956120cc57493588801f6f82fa8c6e176bf5fc238c7fca8ae55b

HTTP Headers

GET /gtm.js?id=GTM-KLL3N3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 13:25:11 GMT
expires: Sat, 26 Nov 2022 13:25:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
864526b24e1614aba97c400144e5a66b
7a012a75650846faad2abb5e1970a797d94efa02
5642ebb5a59ee4388f8dd00f5b5c9f8b10729f6cbf52014ff13f09ed0310aef3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113355
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
864526b24e1614aba97c400144e5a66b
7a012a75650846faad2abb5e1970a797d94efa02
5642ebb5a59ee4388f8dd00f5b5c9f8b10729f6cbf52014ff13f09ed0310aef3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113355
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
864526b24e1614aba97c400144e5a66b
7a012a75650846faad2abb5e1970a797d94efa02
5642ebb5a59ee4388f8dd00f5b5c9f8b10729f6cbf52014ff13f09ed0310aef3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=113355
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 278

fonts.googleapis.com/css?family=Baloo|Open+Sans:400,700

142.250.74.10

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Baloo|Open+Sans:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1218 bytes)
Hash
ef08d27eba9ea23d1379ad3a8a300cb3
7d00e2531446d9b71fd2ccf856acec652112c430
c2bf6644d6f9e31ab0f9ef06b509c240df0429c36a8f6bffefcf10e9274ccb4b

HTTP Headers

GET /css?family=Baloo|Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 13:25:11 GMT
date: Sat, 26 Nov 2022 13:25:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

campanha.protestemarketing.com.br/Scripts/func_js.js

172.67.208.176

200 OK

1.4 kB

URL HTTP/1.1
campanha.protestemarketing.com.br/Scripts/func_js.js
IP
172.67.208.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1368 bytes)
Hash
50038c1eb358ac4065f501a4c80d237e
3dcb478fd68dd21bfb43ce3ddb30657f333c870a
aaf7e0a085bec379f214b7bca343149c575524335c179aa771b82dfc41801e7c

HTTP Headers

GET /Scripts/func_js.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:25:12 GMT
Content-Type: application/javascript
Content-Length: 1368
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2018 15:00:55 GMT
ETag: "d86a1233e16ad41:0"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj4lkgMrgq6Q%2BF8HHmjCJ%2BX9ghkKGbRP7k1WL9aSCin2XZLNhA2G3bXOpxa0sh5LjuJSkZgKxRUj4QLoTy7Dy4T34cuTeEg23Y6udYqlL1LDC8DTX1APktX8xGhQC5ezP320jhCImmyNc3seK8Z0RPryTrU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2dd3ec50b65-OSL
alt-svc: h2=":443"; ma=60

campanha.protestemarketing.com.br/Content/colorbox.css

172.67.208.176

200 OK

1.3 kB

URL HTTP/1.1
campanha.protestemarketing.com.br/Content/colorbox.css
IP
172.67.208.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.3 kB (1275 bytes)
Hash
74ff6e043a7dfe18d466e0e36ba80ce8
c182f401d8ab26a6220c20e5d6549e21766beb16
445b83e34d22e5af3d6c5f6b8d37f01f159f86a1409a05e4cd38eea91e89d591

HTTP Headers

GET /Content/colorbox.css HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:25:12 GMT
Content-Type: text/css
Content-Length: 1275
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 13:20:21 GMT
ETag: "fa4ec4f25386d41:0"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ij5dYtK5L4Mgwas3FJs1ZKzWXZSpazoxaw6dozjbLqxTDuMyxrbpgt39w1ErELssit9qrGWUtCFjl3IXzMWITyM0J%2FkrzBPIvC8Mm9wpww5UmWbgPlrdxhP%2BJfyFKBqc%2BstK5W%2F%2BjLYJLQ%2ByOBLqHSBAJL0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2dd4bf61bfe-OSL
alt-svc: h2=":443"; ma=60

campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js

172.67.208.176

404 Not Found

681 B

URL HTTP/1.1
campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js
IP
172.67.208.176:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
681 B (681 bytes)
Hash
31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702

HTTP Headers

GET /Scripts/colorbox/jquery.colorbox.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl

HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 13:25:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4gEwmuZrR%2Fz8bkk0RI1pHa7mBuputjOjkOLbFcRYFTRbbBMEnV94wXjsQ4rBQTbia1pgGPiktJh1FdVrimnpJNtEHGIu1TvYnU0wEyqTFKFkeT9Py7hvI9ZQ6D4NzGVAAxBCAo2ZHrOU%2BbrNNDaAUgpPd0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702f2dd4c200b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

img.selecoesbrasil.com.br/edm_megaconcurso_proteste_201902_ms_logo-pt.png

104.21.47.189

200 OK

3.4 kB

URL HTTP/2
img.selecoesbrasil.com.br/edm_megaconcurso_proteste_201902_ms_logo-pt.png
IP
104.21.47.189:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 148 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3367 bytes)
Hash
b353955c486da98cd4ba0e02703d6acc
b7e117f5be2eae5334a5ec844d7c9600166b4c61
189df1483e87ab30d39125a0ef9ffe6ddfbd7775fbcafb0a04608de7cc88122f

HTTP Headers

GET /edm_megaconcurso_proteste_201902_ms_logo-pt.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:12 GMT
content-type: image/png
content-length: 3367
last-modified: Wed, 13 Feb 2019 17:45:05 GMT
etag: "f650d9dac3c3d41:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nSVyKSgMIaDNVvAN%2FKXMi3eX5I4LONq8M%2Fud%2BiXouqCujw20nMCPobX6Q2hJzdGsH0%2F%2BjzLX3%2Faxyvmxig2y%2BAMjniDMqNXjegMPgPZ%2BgIvxVBKNQ4kasIU8OFk4MP2UF9sX4U8gBKXgJ83"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702f2de2b460b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
864526b24e1614aba97c400144e5a66b
7a012a75650846faad2abb5e1970a797d94efa02
5642ebb5a59ee4388f8dd00f5b5c9f8b10729f6cbf52014ff13f09ed0310aef3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=113356
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:28 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16212
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 13:25:12 GMT
Connection: keep-alive

img.selecoesbrasil.com.br/edm_megaconcurso_proteste_201902_ms_script.js

104.21.47.189

200 OK

776 B

URL HTTP/2
img.selecoesbrasil.com.br/edm_megaconcurso_proteste_201902_ms_script.js
IP
104.21.47.189:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
776 B (776 bytes)
Hash
af4c1b4197ea4931e167beaf474f3c24
75e89387acaead9b7b58c56c13fe3692924b77e9
d96e3bca547f5329a525c369a2b385f51f749080f5d2edc85d65978919e18abb

HTTP Headers

GET /edm_megaconcurso_proteste_201902_ms_script.js HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:12 GMT
content-type: application/javascript
last-modified: Wed, 13 Feb 2019 17:52:20 GMT
etag: W/"6279caddc4c3d41:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYt61kabG%2BjLZ4QWahCGWHag2X6%2FGJLqMNq7IOqI%2FzK%2Bb%2BqRzXOeYthzK4GcSx3d9tI4IhPW1ST6P9fw2zNxGxTonkghlLXQhHC%2BtREnCXeh%2BSpVKZqDmjw7tNhDLVFvGlb4NyqPwuY7bZJ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de2b440b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7799 bytes)
Hash
96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 53493
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 56346
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 34174
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15818 bytes)
Hash
17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 54437
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 56192
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11150 bytes)
Hash
d0f860248042a8499ffb1701a880b2ba
845842c789e6e97fd1687e668d446bbb8309ffc7
9eca5258c7b6e4e145ca6576a3f3791f1324714404ffd7a56a61961f81e7bd44

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TpEr70sCNigNhVg7rDFIUG12AVpzC0BUW6-xW3QTvjLcBUrpehjJbQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 56346
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js

172.67.208.176

404 Not Found

681 B

URL HTTP/1.1
campanha.protestemarketing.com.br/Scripts/colorbox/jquery.colorbox.js
IP
172.67.208.176:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
681 B (681 bytes)
Hash
31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702

HTTP Headers

GET /Scripts/colorbox/jquery.colorbox.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl

HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 13:25:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mG71u3mBvgYacgdHJCbYgL4HKYEKPx3J5n%2BrTWhxz4IcuauyRJFx41sUs%2BzboU6VV8k3AGPYvXGW89yzfLOlynvRfsi25aRMBN8%2BzsEsXwwa%2BguWz2QdhPVBRsx9gPJSeELhuJpd%2FPIv5FP1w9JuA5JRVR4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702f2e3a9631bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 200541
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/baloo/v13/6xKhdSpJJ92I9MWPCm4.woff2

216.58.207.195

200 OK

26 kB

URL HTTP/2
fonts.gstatic.com/s/baloo/v13/6xKhdSpJJ92I9MWPCm4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25656, version 1.0\012- data
Size
26 kB (25656 bytes)
Hash
28117f9c43a85a42f07155dd25b2c0cd
2fb0c176e9fc237ae77cebdce8230b151fed8ec6
924c700458c4713734d2d78fcd9c278879ea20fafb2a7c40b82005968525cbbb

HTTP Headers

GET /s/baloo/v13/6xKhdSpJJ92I9MWPCm4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:52:21 GMT
expires: Thu, 23 Nov 2023 18:52:21 GMT
cache-control: public, max-age=31536000
age: 239572
last-modified: Tue, 19 Apr 2022 17:57:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img.selecoesbrasil.com.br/edm_beneficios_proteste_201903_ms_img-cartao-proteste_202008ok_75.png

104.21.47.189

200 OK

79 kB

URL HTTP/2
img.selecoesbrasil.com.br/edm_beneficios_proteste_201903_ms_img-cartao-proteste_202008ok_75.png
IP
104.21.47.189:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 573 x 661, 8-bit colormap, non-interlaced\012- data
Size
79 kB (79024 bytes)
Hash
fcc95a68ee6dc242a7446b939463ff19
b706283b2ace011296b61171841745b501dc49ad
3d6c3ee944cc5a31f853162d155769029c2dad902d762ba39a6513599c54f231

HTTP Headers

GET /edm_beneficios_proteste_201903_ms_img-cartao-proteste_202008ok_75.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:13 GMT
content-type: image/png
content-length: 79024
last-modified: Wed, 24 Nov 2021 14:22:59 GMT
etag: "c4b628c83ee1d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbFozIHBsHiOc1iiEZ9m%2F19zKkax7DuLleeU9DY%2BzmLAqWXNwcVI2JM2PfW2gLvZC%2B5D03prb%2FfW16HiNXROnqz5s5wjVIUzvYaxQArIvFOw4HPB0L%2FAt2JtMnRy45q6gehYBsGggcCqRA63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702f2de2b450b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 12:41:08 GMT
expires: Sat, 26 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 2645
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2823494.js?sv=6

143.204.55.84

200 OK

3.1 kB

URL HTTP/2
static.hotjar.com/c/hotjar-2823494.js?sv=6
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5909)
Size
3.1 kB (3053 bytes)
Hash
f595d4119d6d40cdf3bf87c2ea8ca345
b3f68dd1c540e73f8748be85e50db72f7fac1395
21c019791193d2ab4017aa4ace6ba23b0c7151ce98f3c5c62a5cbb30bd067ef4

HTTP Headers

GET /c/hotjar-2823494.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 26 Nov 2022 13:25:13 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/b6c94dbacd889067535da99d81b66e4d
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: USXZmUZnuhC4vBpe4QCuewKbu9AO0XSTuja9rl_Ra8D8693PVZaNCw==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-80454069-3&cid=930482344.1669469113&jid=23828086&gjid=77962282&_gid=1095909924.1669469113&_u=YGBAgAABAAAAAE~&z=1213387275

142.251.1.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-80454069-3&cid=930482344.1669469113&jid=23828086&gjid=77962282&_gid=1095909924.1669469113&_u=YGBAgAABAAAAAE~&z=1213387275
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-80454069-3&cid=930482344.1669469113&jid=23828086&gjid=77962282&_gid=1095909924.1669469113&_u=YGBAgAABAAAAAE~&z=1213387275 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://campanha.protestemarketing.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 13:25:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

campanha.protestemarketing.com.br/img/NGWP_favicon.JPEG

172.67.208.176

404 Not Found

681 B

URL HTTP/1.1
campanha.protestemarketing.com.br/img/NGWP_favicon.JPEG
IP
172.67.208.176:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
681 B (681 bytes)
Hash
31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702

HTTP Headers

GET /img/NGWP_favicon.JPEG HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl

HTTP/1.1 404 Not Found
Date: Sat, 26 Nov 2022 13:25:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2VdS6tuYmVc9KZ2FyjPstg4a6KBUJL4l5%2FQH7EkZboENNJUWZxUugip2tR4Nt8u04UmNonR6k1B4ZGLofJ4JojxGj3WJhnVUU6t1YsBoDf%2FaMSd2FyIsWYrb7cYYJZbg%2Bh3eAYcj9M5VItXnIpeahZsP%2FI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702f2e65ba01bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1

54.230.245.19

200 OK

5.1 kB

URL HTTP/2
d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
IP
54.230.245.19:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (14095)
Size
5.1 kB (5126 bytes)
Hash
037b8303bce609f3647bd079508031b2
b76218de9ed86ba5eb7a432f264c016da0b044ea
c2a0cc110766fc701e4aad2ec2deb59fdbdcbc1b22c957832948377d456fa87a

HTTP Headers

GET /js/integration/stable/rd-js-integration.min.js?v=1 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 5126
last-modified: Mon, 14 Mar 2022 19:11:46 GMT
content-encoding: gzip
x-amz-version-id: EFK6hy2tasKcabJ9JHnpmDSfRZbvtSM9
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 20:20:54 GMT
cache-control: max-age=86400, must-revalidate
etag: "037b8303bce609f3647bd079508031b2"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8taW0TWtiu4gvbK-koBth12KYMLA-6ff4sj-MHxZY7Z4bubK2mxKtQ==
age: 61460
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

54.230.245.19

200 OK

56 kB

URL HTTP/2
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
IP
54.230.245.19:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65224)
Size
56 kB (55730 bytes)
Hash
0745a774ff7c7e1979835e815fedb0c4
0432043be5a45c2bae353163bad348047a498160
361f3851dc0b75b8fda43f41acdce3fddb156c0df39218304149cb6e3e7459bb

HTTP Headers

GET /js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 55730
date: Fri, 25 Nov 2022 20:17:45 GMT
last-modified: Thu, 01 Sep 2022 18:56:54 GMT
etag: "0745a774ff7c7e1979835e815fedb0c4"
content-encoding: gzip
x-amz-version-id: Rdke.7MSx732uledJxJP7l.H8q8C1Qau
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K79GjmSO4EoI2f7rCeb9LD3cKX7uAPmuSNQAyrDXLcj__moMq_GUVQ==
age: 61649
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
659d3c3fd2a64843839e94f65381b909
ecde373a4ef8b7e383976ff0b384540441bb93d9
c051a7b155c74a046987cfd6491101e34ba090bbfd2adb395710e293c1e224fb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C051A7B155C74A046987CFD6491101E34BA090BBFD2ADB395710E293C1E224FB"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Sat, 26 Nov 2022 15:05:05 GMT
Date: Sat, 26 Nov 2022 13:25:14 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
fc52eecf651ee592afbbb4497d091ad0
0ef59f99eca8e9d960404871d4d374489d04f154
0cb28b55a32864bd5fd362a1451d0192b4436c421cee9c2dfbf0423a92696e5c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 13:25:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:05:14 GMT
Expires: Fri, 02 Dec 2022 07:05:13 GMT
Etag: "0ef59f99eca8e9d960404871d4d374489d04f154"
Cache-Control: max-age=494998,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7702f2ef8b8fb524-OSL

popups.rdstation.com.br/popup/show.json?account_id=122066&uniq=_yqguj1tml&ref=aHR0cDovL2NhbXBhbmhhLnByb3Rlc3RlbWFya2V0aW5nLmNvbS5ici9vZmVydGE%2FbWt0Y29kZT1HVUtQMjEmZWlkPTIyMTEzMzU4NDYwOTA2JmVkbWlkPTdDNzJEMUM1QUI4Q0I3NDlCNzlERUUyNUVENjVGRTVBJnBhZ2U9RDk2NTIzNjQ4MTUxMzdBOSZjb21wYW55PXByb3Rlc3RlJnBnYT0x

34.68.90.188

200 OK

13 B

URL HTTP/2
popups.rdstation.com.br/popup/show.json?account_id=122066&uniq=_yqguj1tml&ref=aHR0cDovL2NhbXBhbmhhLnByb3Rlc3RlbWFya2V0aW5nLmNvbS5ici9vZmVydGE%2FbWt0Y29kZT1HVUtQMjEmZWlkPTIyMTEzMzU4NDYwOTA2JmVkbWlkPTdDNzJEMUM1QUI4Q0I3NDlCNzlERUUyNUVENjVGRTVBJnBhZ2U9RDk2NTIzNjQ4MTUxMzdBOSZjb21wYW55PXByb3Rlc3RlJnBnYT0x
IP
34.68.90.188:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
6346e069259dd802eaf247566e2f4368
03783069db6874744910cd5a92636f22529c6328
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

HTTP Headers

GET /popup/show.json?account_id=122066&uniq=_yqguj1tml&ref=aHR0cDovL2NhbXBhbmhhLnByb3Rlc3RlbWFya2V0aW5nLmNvbS5ici9vZmVydGE%2FbWt0Y29kZT1HVUtQMjEmZWlkPTIyMTEzMzU4NDYwOTA2JmVkbWlkPTdDNzJEMUM1QUI4Q0I3NDlCNzlERUUyNUVENjVGRTVBJnBhZ2U9RDk2NTIzNjQ4MTUxMzdBOSZjb21wYW55PXByb3Rlc3RlJnBnYT0x HTTP/1.1
Host: popups.rdstation.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
content-type: application/json
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=7776000
x-frame-options: sameorigin
content-length: 13
date: Sat, 26 Nov 2022 13:25:14 GMT
X-Firefox-Spdy: h2

pageview-notify.rdstation.com.br/send

35.223.116.65

200 OK

36 B

URL HTTP/2
pageview-notify.rdstation.com.br/send
IP
35.223.116.65:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
5dbb24193863cc729eb749436326033b
c9657074b0b36b69f63a355d247c29b0a95923dd
ffebdce73f6dd943c5e499eb047326008eeafa403eb8a8fa288c42529d6af80d

HTTP Headers

POST /send HTTP/1.1
Host: pageview-notify.rdstation.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 100
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:14 GMT
content-type: text/html;charset=utf-8
content-length: 36
access-control-allow-origin: http://campanha.protestemarketing.com.br
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
set-cookie: _rdtrk=b4e3ba54-11b0-44af-badf-7ed19d2010c4; domain=.rdstation.com.br; expires=Thu, 01 Jan 2032 00:00:00 -0000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2

img.selecoesbrasil.com.br/bootstrap.min.css

104.21.47.189

200 OK

0 B

URL HTTP/2
img.selecoesbrasil.com.br/bootstrap.min.css
IP
104.21.47.189:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.min.css HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:12 GMT
content-type: text/css
last-modified: Mon, 07 Mar 2022 13:43:44 GMT
etag: W/"726525d2932d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzlQx2fzcpG%2FquP%2FCfQjYv5pxMbcpuLhbLvmkehUnLpHb8admOptEWa1Rmo5%2Flk5X5OtpylVN1pT3r0CxJ2StzjS9ruGfXd9%2B87rCCYVl3G8Oe3fQSmdsKKNMm0OnqmWfUYfRGZ%2Fhux7%2B4Fo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de5b640b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img.selecoesbrasil.com.br/bootstrap.min.js

104.21.47.189

404 Not Found

0 B

URL HTTP/2
img.selecoesbrasil.com.br/bootstrap.min.js
IP
104.21.47.189:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.min.js HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
date: Sat, 26 Nov 2022 13:25:12 GMT
content-type: text/html
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjOPSTYhUUBXjS%2FsgHR9Ro8onz4VLfUBShaFoPFJ%2BO3aaQbESwwUAwXOMtpXPPLFFQ6tIA%2BVHHUWPKzXvXwGq0wyKyMoPAIIge9s0VaTihxBKLgo8nwYmWwipoeM7A88bSX6WlExGaCPeehU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702f2de4b610b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img.selecoesbrasil.com.br/edm_beneficios_proteste_201903_ms_style.css

104.21.47.189

200 OK

0 B

URL HTTP/2
img.selecoesbrasil.com.br/edm_beneficios_proteste_201903_ms_style.css
IP
104.21.47.189:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /edm_beneficios_proteste_201903_ms_style.css HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:12 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2019 19:06:11 GMT
etag: W/"b9b0317962e6d41:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7MLbR3Rljwwo%2B8F%2Fu%2FOyictx0Mcsik4x0SyYgaKJ0JPhOaaIRo0L0DLZ0WVK6oJsJ8RPiplQXFPh%2BWj%2BN2uWfGd0OtOqMZNIp2FtJaANppvpCRhk75Wu3o8nY1KmpA9KgFuaxojuFYbvszk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de5b650b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img.selecoesbrasil.com.br/jquery.min.js

104.21.47.189

200 OK

0 B

URL HTTP/2
img.selecoesbrasil.com.br/jquery.min.js
IP
104.21.47.189:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jquery.min.js HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 26 Nov 2022 13:25:12 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2016 13:54:18 GMT
etag: W/"0a1f313484ad21:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPSpucOyAnxA3oRipuwJmy5TmNEIn3yRdSq7UmgGH4rbAfHWeOw1%2BSOMKFKmA%2FkLydGnPHhTC7W8SzVAdjQ2hgd5TneL8ruTUK%2FL6MDGs%2B3Dydl%2B2S75eeZki7cdpcAUcFmaEMhNjYdlnEQv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de4b5f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js

54.230.245.19

200 OK

0 B

URL HTTP/2
d335luupugsy2.cloudfront.net/js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js
IP
54.230.245.19:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Sat, 26 Nov 2022 13:25:14 GMT
last-modified: Fri, 21 Oct 2022 13:30:59 GMT
etag: W/"42fe7ec5ef271ecfe3597b1c25238c8b"
cache-control: no-cache
x-amz-version-id: fLQ2MNTWPHD3vAPAuphOFJgJF3LqYDWp
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y5YPWVom_J8apuhvRtpHiFx0XjvyefUlA-GR_L8Uecves-hFnj_ehQ==
X-Firefox-Spdy: h2

d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js

54.230.245.19

200 OK

0 B

URL HTTP/2
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
IP
54.230.245.19:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/traffic-source-cookie/stable/traffic-source-cookie.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Sat, 26 Nov 2022 13:05:24 GMT
last-modified: Thu, 17 Nov 2022 14:58:51 GMT
etag: W/"60c4a92725ecad7b22391e314ecef104"
x-amz-version-id: _DcRcF.3JZ4tSr0ScmnT0Msp3iEBkteK
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PWMf5fxVsrJM4pOU79Nb8wZiU5HC-NKMW7h90sB0BgQuxrSuwl0JUw==
age: 1191
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP