GET /ofc/e58e263d-e81a9e33-bd57541c-3559-edfb/01e8aec5-37a6ecd8-ed5f2068-ebc6-d7e3 HTTP/1.1
Host: track.dublicitly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 185.103.37.70
HTTP/1.1 303 See Other
Content-Type: text/html; charset=UTF-8
Date: Sat, 26 Nov 2022 13:25:10 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Cache-Control: no-cache, private
Location: http://igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=
Content-Encoding: gzip
Age: 0
Vary: , Accept-Encoding
TP-Cache: MISS
Content-Length: 283
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Sat, 26 Nov 2022 17:07:26 GMT
Date: Sat, 26 Nov 2022 13:25:10 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 5945
Cache-Control: max-age=168303
Date: Sat, 26 Nov 2022 13:25:10 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 12:10:13 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 13:19:13 GMT
cache-control: public,max-age=3600
age: 357
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7489
Expires: Sat, 26 Nov 2022 15:29:59 GMT
Date: Sat, 26 Nov 2022 13:25:10 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: qwZSw2XBZdmS/siXtZkY535D7l/fOlfUVM91kAuJu+4tj2MKUND4FxoXSTVgOdD2p5TGD5i6TzE=
x-amz-request-id: D7CV976E50A3D382
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 12:41:12 GMT
age: 2638
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3= HTTP/1.1
Host: igoal.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 18.202.12.61
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Server: nginx
Date: Sat, 26 Nov 2022 13:25:10 GMT
Content-Length: 334
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://igoal.go2cloud.org/aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3=
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_5311=44765; expires=Sun, 27 Nov 2022 13:25:10 GMT; path=/; SameSite=None; Secure
Access-Control-Allow-Origin: *
X-Request-Id: 2023aa8340a6e617b4d090d73f8eac0e
Access-Control-Allow-Headers: Tune-SDK-Version
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Sat, 26 Nov 2022 13:25:10 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101149
Date: Sat, 26 Nov 2022 13:25:10 GMT
Etag: "6380edac-1d7"
Expires: Sun, 27 Nov 2022 17:30:59 GMT
Last-Modified: Fri, 25 Nov 2022 16:30:36 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3tPK1e2E6U-cLT-y8C9-S97nfon_Aec_D99H1lMgGCwcF-mGp944VQ==
Age: 3624
|
GET /aff_c?offer_id=5311&aff_id=1269&url_id=44765&aff_sub=M2022112613-8706b63b7dfa57bec01f5b092d1628d0&aff_sub3= HTTP/1.1
Host: igoal.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
search
18.202.12.61
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Server: nginx
Date: Sat, 26 Nov 2022 13:25:10 GMT
Content-Length: 246
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: http://campanha.protestemarketing.com.br/engine?mktcode=GUKP21
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_5311=44765; expires=Sun, 27 Nov 2022 13:25:10 GMT; path=/; SameSite=None; Secure
enc_aff_session_5311=ENC0344300741fd4a8c6df785f85c8ff0aede6c40f6b045be856bff5646c119729fe8cd65d46eca5957f1e8ea765f79bf4cd8148e3d71e59755964c373e4a457fa4497e8aac61a3461ce52fae274c3c2e089feaff7dcf591f6ee210019c1857d026d7d7d2edba539e76a586dfbbf5f3dcbe1ba861ecdeb3d118abd9897b59045726254d22db90a39267b60510960e4530e3d859f728b0c0438417648a8d5527ef78712cc2942d; expires=Sat, 03 Dec 2022 13:25:10 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Tue, 21 Oct 2025 00:05:10 GMT; path=/; SameSite=None; Secure
Tracking_id: 1028580e50afa81d5e6112032d577d
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 8cd3457a68ee2d203b2daac4742c2ec5
Access-Control-Allow-Headers: Tune-SDK-Version
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 13:08:54 GMT
cache-control: public,max-age=3600
age: 977
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1622
Cache-Control: max-age=158922
Date: Sat, 26 Nov 2022 13:25:11 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 09:33:53 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
GET /engine?mktcode=GUKP21 HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
172.67.208.176
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Sat, 26 Nov 2022 13:25:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Location: /oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Set-Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl; path=/; HttpOnly; SameSite=Lax
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCbc4j6rXmxbqxz4WuAjHC2akY4nwYKNVaFXH4G20Sm7L6d%2BnA%2BNUFL93lwDJw%2F%2BbG9RcyZgWNQDLpBoZKxOlGCFu6AMPMA8biIB7UILJxqSsm6BDgDktW8leGXCcZR5zhD8AfmlX%2BkDbsPdkryn32LaR50%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2d728510b65-OSL
alt-svc: h2=":443"; ma=60
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VErqqUyTlYTK7D+ROVdWAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
search
52.39.96.8
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 85xeei6OZdAjekroK9T2RB0L6qQ=
|
GET /oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1 HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl
Upgrade-Insecure-Requests: 1
|
search
172.67.208.176
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Sat, 26 Nov 2022 13:25:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkWShKW%2F482%2F%2BcfFmJ626uWWcqDv7ubWrlhEVMb7EZnSstPizwH60b8BSkFMPAotizEPIURarWVaqIw4bBjI0br%2BXKpWCLNEOJgpCWZfoTay4IL9AnFeh%2B8vRCpglDg8co4UFnQlVKA6hZ7AY6r6%2BQuAfes%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2da8c120b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
GET /ajax/libs/animate.css/3.7.0/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Sat, 26 Nov 2022 13:25:11 GMT
content-length: 3541
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-e283"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1281436
expires: Thu, 16 Nov 2023 13:25:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0DX5W1VWflSuzKE40y78m3t52dM%2Bjc4GZaPPGajmD5oOPkwf06X%2BaLVTP2xi1SNL2dscdTbzjxMm56MAGOYBA%2FGfwMMZ8EiSiIHe9FMdolHIdigLDcUZ1dAL4OoqAW9qL83my4e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7702f2dd5e640b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=113356
Date: Sat, 26 Nov 2022 13:25:11 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: nginx
Content-Length: 278
|
GET /gtm.js?id=GTM-KLL3N3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 13:25:11 GMT
expires: Sat, 26 Nov 2022 13:25:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=113355
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: nginx
Content-Length: 278
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=113355
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: nginx
Content-Length: 278
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=113355
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:27 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 278
|
GET /css?family=Baloo|Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 13:25:11 GMT
date: Sat, 26 Nov 2022 13:25:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /Scripts/func_js.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl
|
search
172.67.208.176
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 13:25:12 GMT
Content-Length: 1368
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 23 Oct 2018 15:00:55 GMT
ETag: "d86a1233e16ad41:0"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj4lkgMrgq6Q%2BF8HHmjCJ%2BX9ghkKGbRP7k1WL9aSCin2XZLNhA2G3bXOpxa0sh5LjuJSkZgKxRUj4QLoTy7Dy4T34cuTeEg23Y6udYqlL1LDC8DTX1APktX8xGhQC5ezP320jhCImmyNc3seK8Z0RPryTrU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2dd3ec50b65-OSL
alt-svc: h2=":443"; ma=60
|
GET /Content/colorbox.css HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl
|
search
172.67.208.176
HTTP/1.1 200 OK
Content-Type: text/css
Date: Sat, 26 Nov 2022 13:25:12 GMT
Content-Length: 1275
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 13:20:21 GMT
ETag: "fa4ec4f25386d41:0"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ij5dYtK5L4Mgwas3FJs1ZKzWXZSpazoxaw6dozjbLqxTDuMyxrbpgt39w1ErELssit9qrGWUtCFjl3IXzMWITyM0J%2FkrzBPIvC8Mm9wpww5UmWbgPlrdxhP%2BJfyFKBqc%2BstK5W%2F%2BjLYJLQ%2ByOBLqHSBAJL0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7702f2dd4bf61bfe-OSL
alt-svc: h2=":443"; ma=60
|
GET /Scripts/colorbox/jquery.colorbox.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl
|
search
172.67.208.176
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sat, 26 Nov 2022 13:25:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4gEwmuZrR%2Fz8bkk0RI1pHa7mBuputjOjkOLbFcRYFTRbbBMEnV94wXjsQ4rBQTbia1pgGPiktJh1FdVrimnpJNtEHGIu1TvYnU0wEyqTFKFkeT9Py7hvI9ZQ6D4NzGVAAxBCAo2ZHrOU%2BbrNNDaAUgpPd0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702f2dd4c200b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
GET /edm_megaconcurso_proteste_201902_ms_logo-pt.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
104.21.47.189
HTTP/2 200 OK
content-type: image/png
date: Sat, 26 Nov 2022 13:25:12 GMT
content-length: 3367
last-modified: Wed, 13 Feb 2019 17:45:05 GMT
etag: "f650d9dac3c3d41:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nSVyKSgMIaDNVvAN%2FKXMi3eX5I4LONq8M%2Fud%2BiXouqCujw20nMCPobX6Q2hJzdGsH0%2F%2BjzLX3%2Faxyvmxig2y%2BAMjniDMqNXjegMPgPZ%2BgIvxVBKNQ4kasIU8OFk4MP2UF9sX4U8gBKXgJ83"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702f2de2b460b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=113356
Date: Sat, 26 Nov 2022 13:25:12 GMT
Etag: "63812b83-116"
Expires: Sun, 27 Nov 2022 20:54:28 GMT
Last-Modified: Fri, 25 Nov 2022 20:54:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16212
Expires: Sat, 26 Nov 2022 17:55:24 GMT
Date: Sat, 26 Nov 2022 13:25:12 GMT
Connection: keep-alive
|
GET /edm_megaconcurso_proteste_201902_ms_script.js HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.21.47.189
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 26 Nov 2022 13:25:12 GMT
last-modified: Wed, 13 Feb 2019 17:52:20 GMT
etag: W/"6279caddc4c3d41:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYt61kabG%2BjLZ4QWahCGWHag2X6%2FGJLqMNq7IOqI%2FzK%2Bb%2BqRzXOeYthzK4GcSx3d9tI4IhPW1ST6P9fw2zNxGxTonkghlLXQhHC%2BtREnCXeh%2BSpVKZqDmjw7tNhDLVFvGlb4NyqPwuY7bZJ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de2b440b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 53493
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 56346
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 34174
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 54437
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 56192
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad04f54-f199-4bc1-a785-cf5c76640147.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11150
x-amzn-requestid: 0b773c28-feda-41a2-9de6-8b559bd773eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC5EukoAMFxfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-3bfe118939abc352072c5af1;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TpEr70sCNigNhVg7rDFIUG12AVpzC0BUW6-xW3QTvjLcBUrpehjJbQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 56346
etag: "845842c789e6e97fd1687e668d446bbb8309ffc7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /Scripts/colorbox/jquery.colorbox.js HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl
|
search
172.67.208.176
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sat, 26 Nov 2022 13:25:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mG71u3mBvgYacgdHJCbYgL4HKYEKPx3J5n%2BrTWhxz4IcuauyRJFx41sUs%2BzboU6VV8k3AGPYvXGW89yzfLOlynvRfsi25aRMBN8%2BzsEsXwwa%2BguWz2QdhPVBRsx9gPJSeELhuJpd%2FPIv5FP1w9JuA5JRVR4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702f2e3a9631bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 200541
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
GET /s/baloo/v13/6xKhdSpJJ92I9MWPCm4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:52:21 GMT
expires: Thu, 23 Nov 2023 18:52:21 GMT
cache-control: public, max-age=31536000
age: 239572
last-modified: Tue, 19 Apr 2022 17:57:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /edm_beneficios_proteste_201903_ms_img-cartao-proteste_202008ok_75.png HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
104.21.47.189
HTTP/2 200 OK
content-type: image/png
date: Sat, 26 Nov 2022 13:25:13 GMT
content-length: 79024
last-modified: Wed, 24 Nov 2021 14:22:59 GMT
etag: "c4b628c83ee1d71:0"
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbFozIHBsHiOc1iiEZ9m%2F19zKkax7DuLleeU9DY%2BzmLAqWXNwcVI2JM2PfW2gLvZC%2B5D03prb%2FfW16HiNXROnqz5s5wjVIUzvYaxQArIvFOw4HPB0L%2FAt2JtMnRy45q6gehYBsGggcCqRA63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702f2de2b450b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 12:41:08 GMT
expires: Sat, 26 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 2645
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
GET /c/hotjar-2823494.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
143.204.55.84
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 26 Nov 2022 13:25:13 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/b6c94dbacd889067535da99d81b66e4d
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: USXZmUZnuhC4vBpe4QCuewKbu9AO0XSTuja9rl_Ra8D8693PVZaNCw==
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-80454069-3&cid=930482344.1669469113&jid=23828086&gjid=77962282&_gid=1095909924.1669469113&_u=YGBAgAABAAAAAE~&z=1213387275 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
142.251.1.156
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: http://campanha.protestemarketing.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 13:25:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /img/NGWP_favicon.JPEG HTTP/1.1
Host: campanha.protestemarketing.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/oferta?mktcode=GUKP21&eid=22113358460906&edmid=7C72D1C5AB8CB749B79DEE25ED65FE5A&page=D9652364815137A9&company=proteste&pga=1
Cookie: ASP.NET_SessionId=i5vmlr5kh3tmaccizjuhizrl
|
search
172.67.208.176
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sat, 26 Nov 2022 13:25:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2VdS6tuYmVc9KZ2FyjPstg4a6KBUJL4l5%2FQH7EkZboENNJUWZxUugip2tR4Nt8u04UmNonR6k1B4ZGLofJ4JojxGj3WJhnVUU6t1YsBoDf%2FaMSd2FyIsWYrb7cYYJZbg%2Bh3eAYcj9M5VItXnIpeahZsP%2FI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7702f2e65ba01bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
GET /js/integration/stable/rd-js-integration.min.js?v=1 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
54.230.245.19
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 5126
last-modified: Mon, 14 Mar 2022 19:11:46 GMT
content-encoding: gzip
x-amz-version-id: EFK6hy2tasKcabJ9JHnpmDSfRZbvtSM9
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 20:20:54 GMT
cache-control: max-age=86400, must-revalidate
etag: "037b8303bce609f3647bd079508031b2"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8taW0TWtiu4gvbK-koBth12KYMLA-6ff4sj-MHxZY7Z4bubK2mxKtQ==
age: 61460
X-Firefox-Spdy: h2
|
GET /js/rdstation-popups/bricks/rdstation-popup.min.js?v=1 HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
54.230.245.19
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 55730
date: Fri, 25 Nov 2022 20:17:45 GMT
last-modified: Thu, 01 Sep 2022 18:56:54 GMT
etag: "0745a774ff7c7e1979835e815fedb0c4"
content-encoding: gzip
x-amz-version-id: Rdke.7MSx732uledJxJP7l.H8q8C1Qau
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K79GjmSO4EoI2f7rCeb9LD3cKX7uAPmuSNQAyrDXLcj__moMq_GUVQ==
age: 61649
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C051A7B155C74A046987CFD6491101E34BA090BBFD2ADB395710E293C1E224FB"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Sat, 26 Nov 2022 15:05:05 GMT
Date: Sat, 26 Nov 2022 13:25:14 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 13:25:14 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:05:14 GMT
Expires: Fri, 02 Dec 2022 07:05:13 GMT
Etag: "0ef59f99eca8e9d960404871d4d374489d04f154"
Cache-Control: max-age=494998,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7702f2ef8b8fb524-OSL
|
GET /popup/show.json?account_id=122066&uniq=_yqguj1tml&ref=aHR0cDovL2NhbXBhbmhhLnByb3Rlc3RlbWFya2V0aW5nLmNvbS5ici9vZmVydGE%2FbWt0Y29kZT1HVUtQMjEmZWlkPTIyMTEzMzU4NDYwOTA2JmVkbWlkPTdDNzJEMUM1QUI4Q0I3NDlCNzlERUUyNUVENjVGRTVBJnBhZ2U9RDk2NTIzNjQ4MTUxMzdBOSZjb21wYW55PXByb3Rlc3RlJnBnYT0x HTTP/1.1
Host: popups.rdstation.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.68.90.188
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=7776000
x-frame-options: sameorigin
content-length: 13
date: Sat, 26 Nov 2022 13:25:14 GMT
X-Firefox-Spdy: h2
|
POST /send HTTP/1.1
Host: pageview-notify.rdstation.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 100
Origin: http://campanha.protestemarketing.com.br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
35.223.116.65
HTTP/2 200 OK
content-type: text/html;charset=utf-8
date: Sat, 26 Nov 2022 13:25:14 GMT
content-length: 36
access-control-allow-origin: http://campanha.protestemarketing.com.br
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
set-cookie: _rdtrk=b4e3ba54-11b0-44af-badf-7ed19d2010c4; domain=.rdstation.com.br; expires=Thu, 01 Jan 2032 00:00:00 -0000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
|
GET /bootstrap.min.css HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.21.47.189
HTTP/2 200 OK
content-type: text/css
date: Sat, 26 Nov 2022 13:25:12 GMT
last-modified: Mon, 07 Mar 2022 13:43:44 GMT
etag: W/"726525d2932d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzlQx2fzcpG%2FquP%2FCfQjYv5pxMbcpuLhbLvmkehUnLpHb8admOptEWa1Rmo5%2Flk5X5OtpylVN1pT3r0CxJ2StzjS9ruGfXd9%2B87rCCYVl3G8Oe3fQSmdsKKNMm0OnqmWfUYfRGZ%2Fhux7%2B4Fo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de5b640b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /bootstrap.min.js HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.21.47.189
HTTP/2 404 Not Found
content-type: text/html
date: Sat, 26 Nov 2022 13:25:12 GMT
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjOPSTYhUUBXjS%2FsgHR9Ro8onz4VLfUBShaFoPFJ%2BO3aaQbESwwUAwXOMtpXPPLFFQ6tIA%2BVHHUWPKzXvXwGq0wyKyMoPAIIge9s0VaTihxBKLgo8nwYmWwipoeM7A88bSX6WlExGaCPeehU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7702f2de4b610b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /edm_beneficios_proteste_201903_ms_style.css HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.21.47.189
HTTP/2 200 OK
content-type: text/css
date: Sat, 26 Nov 2022 13:25:12 GMT
last-modified: Fri, 29 Mar 2019 19:06:11 GMT
etag: W/"b9b0317962e6d41:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7MLbR3Rljwwo%2B8F%2Fu%2FOyictx0Mcsik4x0SyYgaKJ0JPhOaaIRo0L0DLZ0WVK6oJsJ8RPiplQXFPh%2BWj%2BN2uWfGd0OtOqMZNIp2FtJaANppvpCRhk75Wu3o8nY1KmpA9KgFuaxojuFYbvszk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de5b650b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /jquery.min.js HTTP/1.1
Host: img.selecoesbrasil.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.21.47.189
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 26 Nov 2022 13:25:12 GMT
last-modified: Tue, 29 Nov 2016 13:54:18 GMT
etag: W/"0a1f313484ad21:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPSpucOyAnxA3oRipuwJmy5TmNEIn3yRdSq7UmgGH4rbAfHWeOw1%2BSOMKFKmA%2FkLydGnPHhTC7W8SzVAdjQ2hgd5TneL8ruTUK%2FL6MDGs%2B3Dydl%2B2S75eeZki7cdpcAUcFmaEMhNjYdlnEQv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7702f2de4b5f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /js/loader-scripts/9691d6d0-d2d2-46f0-84d7-5698134e5178-loader.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
54.230.245.19
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 26 Nov 2022 13:25:14 GMT
last-modified: Fri, 21 Oct 2022 13:30:59 GMT
etag: W/"42fe7ec5ef271ecfe3597b1c25238c8b"
cache-control: no-cache
x-amz-version-id: fLQ2MNTWPHD3vAPAuphOFJgJF3LqYDWp
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y5YPWVom_J8apuhvRtpHiFx0XjvyefUlA-GR_L8Uecves-hFnj_ehQ==
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /js/traffic-source-cookie/stable/traffic-source-cookie.min.js HTTP/1.1
Host: d335luupugsy2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://campanha.protestemarketing.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
54.230.245.19
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 26 Nov 2022 13:05:24 GMT
last-modified: Thu, 17 Nov 2022 14:58:51 GMT
etag: W/"60c4a92725ecad7b22391e314ecef104"
x-amz-version-id: _DcRcF.3JZ4tSr0ScmnT0Msp3iEBkteK
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PWMf5fxVsrJM4pOU79Nb8wZiU5HC-NKMW7h90sB0BgQuxrSuwl0JUw==
age: 1191
X-Firefox-Spdy: h2
--- Additional Info ---
|