Overview

URL www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
IP138.68.231.91
ASNDIGITALOCEAN-ASN
Location United States
Report completed2022-10-04 17:16:40 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/plugins/font-awesome-4-menus/cs (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/plugins/contact-form-7/includes (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/themes/contabilidadenobrasil/st (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/uploads/font-organizer/fo-eleme (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-includes/css/dist/block-library/style.m (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-includes/js/jquery/jquery-migrate.min.j (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/plugins/contact-form-7/includes (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/plugins/contact-form-7/includes (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/plugins/duracelltomi-google-tag (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-includes/js/dist/vendor/wp-polyfill.min (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/plugins/contact-form-7/modules/ (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-includes/js/hoverIntent.min.js?ver=1.10.2 Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/plugins/akismet/_inc/akismet-fr (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/themes/flatsome/assets/css/icon (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-content/themes/flatsome/assets/js/flats (...) Phishing
2022-10-04 2 www.contabilidadenobrasil.com.br/wp-json/contact-form-7/v1/contact-forms/51 (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 15:06:58 UTC 143.204.55.35
mnemonic passive DNS s7.addthis.com (5) 1504 2012-05-21 03:34:04 UTC 2022-10-04 05:02:43 UTC 23.38.200.123
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS m.addthis.com (2) 1448 2013-11-06 20:12:22 UTC 2022-10-04 06:00:37 UTC 23.38.200.123
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS fonts.gstatic.com (4) 0 2014-08-29 13:43:22 UTC 2022-10-04 09:46:16 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-10-04 10:11:20 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS z.moatads.com (1) 374 2014-02-11 16:19:47 UTC 2022-10-04 05:44:38 UTC 23.38.201.146
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-04 09:46:28 UTC 142.250.74.3
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.49
mnemonic passive DNS d335luupugsy2.cloudfront.net (1) 0 2020-12-15 19:13:09 UTC 2022-10-04 10:17:57 UTC 54.230.245.19 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 12:43:11 UTC 34.120.237.76
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-04 13:19:06 UTC 142.250.74.164
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-04 09:37:43 UTC 142.250.74.168
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-10-04 15:02:27 UTC 142.250.74.98
mnemonic passive DNS v1.addthisedge.com (1) 1721 2019-05-22 18:56:22 UTC 2022-10-04 05:02:43 UTC 23.38.200.123
mnemonic passive DNS www.contabilidadenobrasil.com.br (31) 0 2017-02-22 09:59:39 UTC 2022-10-04 08:48:53 UTC 138.68.231.91 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 15:17:25 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 34.212.13.96
mnemonic passive DNS api-public.addthis.com (1) 4111 2012-05-21 13:44:35 UTC 2022-10-04 06:04:25 UTC 23.38.200.123


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 138.68.231.91

Date UQ / IDS / BL URL IP
2022-10-05 17:30:02 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 17:14:56 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 14:03:08 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 13:52:30 +0000
0 - 0 - 17 www.contabilidadenobrasil.com.br/wp-content/p (...) 138.68.231.91
2022-10-05 12:26:45 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91

Last 5 reports on ASN: DIGITALOCEAN-ASN

Date UQ / IDS / BL URL IP
2022-12-04 15:14:54 +0000
0 - 0 - 4 bndl-trp.com/plc9v2/index.php 165.227.26.65
2022-12-04 14:56:55 +0000
0 - 0 - 2 smart-jaba.com/pt_5/index.html 167.172.229.159
2022-12-04 14:54:27 +0000
0 - 0 - 2 wryksxiikm.vf1y.art/aljrq/ir/YTJKc1pXUnpiMlZB (...) 139.59.181.158
2022-12-04 14:40:26 +0000
0 - 0 - 8 freeomrahtrip.com/freeiphone/ 134.209.23.250
2022-12-04 14:33:51 +0000
0 - 0 - 7 meditation-guide.org/43ryeudvgftweuysdghjyfew (...) 134.209.94.217

Last 5 reports on domain: contabilidadenobrasil.com.br

Date UQ / IDS / BL URL IP
2022-10-05 17:30:02 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 17:14:56 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 14:03:08 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 13:52:30 +0000
0 - 0 - 17 www.contabilidadenobrasil.com.br/wp-content/p (...) 138.68.231.91
2022-10-05 12:26:45 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-05 17:30:02 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 17:14:56 +0000
0 - 0 - 17 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-05 13:52:30 +0000
0 - 0 - 17 www.contabilidadenobrasil.com.br/wp-content/p (...) 138.68.231.91
2022-10-04 08:49:03 +0000
0 - 0 - 16 contabilidadenobrasil.com.br/wp-content/plugi (...) 138.68.231.91
2022-10-04 06:34:41 +0000
0 - 0 - 17 www.contabilidadenobrasil.com.br/wp-content/p (...) 138.68.231.91


JavaScript

Executed Scripts (34)


Executed Evals (7)

#1 JavaScript::Eval (size: 22, repeated: 1) - SHA256: eb3a140c9b84b3b5c69ed2966cf442240e63fc12aaf1e79d0c35aec5b237d9d7

                                        0,
function(C) {
    Lw(C, 1)
}
                                    

#2 JavaScript::Eval (size: 15548, repeated: 1) - SHA256: 1bf232e3afa032afeeb821804dac4bdcfae32c16178d33975a668df67e9d0841

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var x = function(U, v) {
            if (!(U = (v = null, A.trustedTypes), U) || !U.createPolicy) return v;
            try {
                v = U.createPolicy("bg", {
                    createHTML: J,
                    createScript: J,
                    createScriptURL: J
                })
            } catch (C) {
                A.console && A.console.error(C.message)
            }
            return v
        },
        A = this || self,
        J = function(U) {
            return U
        };
    (0, eval)(function(U, v) {
        return (v = x()) && 1 === U.eval(v.createScript("1")) ? function(C) {
            return v.createScript(C)
        } : function(C) {
            return "" + C
        }
    }(A)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var vF=function(U,v){if(!(U=(v=null,n.trustedTypes),U)||!U.createPolicy)return v;try{v=U.createPolicy("bg",{createHTML:UK,createScript:UK,createScriptURL:UK})}catch(A){n.console&&n.console.error(A.message)}return v},oh=function(U,v,A,x,e,C){function J(){if(v.P==v){if(v.B){var r=[M,x,U,void 0,e,C,arguments];if(2==A)var N=I(false,false,(L(r,v),v));else if(1==A){var O=!v.u.length;L(r,v),O&&I(false,false,v)}else N=Cw(v,r);return N}e&&C&&e.removeEventListener(C,J,q)}}return J},A4=function(U,v){return U[v]<<24|U[(v|0)+1]<<16|U[(v|0)+2]<<8|U[(v|0)+3]},r0=function(U,v,A,x){return(X(403,A,(xc((x=E(403,A),A.V&&x<A.H?(X(403,A,A.H),J4(v,A)):X(403,A,v),U),A),x)),E)(368,A)},Nn=function(U,v,A,x,e,C,J,r){return(v=[60,32,-94,21,71,(J=U&(r=er,7),74),v,90,56,20],C=V[A.Z](A.Px),C[A.Z]=function(N){J+=6+7*(e=N,U),J&=7},C).concat=function(N){return(e=(N=(N=(N=x%16+1,+v[J+43&7]*x*N-1184*x*e+J+37*e*e+(r()|0)*N)+3*x*x*N-111*x*x*e-N*e-3589*e,v[N]),void 0),v)[(J+21&7)+(U&2)]=N,v[J+(U&2)]=32,N},C},kc=function(U,v,A,x,e){for(e=(x=(U.Px=(U.lG=U[U.Mx=(U.pf=nw,OK),W],lX)(U.Z,{get:function(){return this.concat()}}),U.Hx=V[U.Z](U.Px,{value:{value:{}}}),0),[]);128>x;x++)e[x]=String.fromCharCode(x);I(true,true,(L((L((F(260,function(C,J,r,N,O,l,z,k,a,m,y,f){function u(D,b){for(;l<D;)r|=Q(C)<<l,l+=8;return b=r&(l-=D,(1<<D)-1),r>>=D,b}for(k=((l=(a=S(C),r=0),u(3))|0)+1,O=u(5),J=[],z=m=0;z<O;z++)y=u(1),J.push(y),m+=y?0:1;for(z=(m=((m|0)-1).toString(2).length,N=[],0);z<O;z++)J[z]||(N[z]=u(m));for(m=0;m<O;m++)J[m]&&(N[m]=S(C));for(f=[];k--;)f.push(E(S(C),C));F(a,function(D,b,w,T,t){for(w=(T=[],0),b=[];w<O;w++){if(!J[t=N[w],w]){for(;t>=T.length;)T.push(S(D));t=T[t]}b.push(t)}D.g=mv((D.i=mv(f.slice(),D),b),D)},C)},(U.zk=(X(39,(F(153,function(C,J){J4((J=E(S(C),C),J),C.P)},(F(76,((X(23,U,((F(257,(X(220,(F(203,function(C,J,r,N){J=(r=S(C),N=S(C),S(C)),C.P==C&&(J=E(J,C),N=E(N,C),E(r,C)[N]=J,495==r&&(C.l=void 0,2==N&&(C.v=Z(C,32,false),C.l=void 0)))},(F(77,function(C,J,r,N,O,l,z){for(r=(O=(l=E((N=(z=qn((J=S(C),C)),""),48),C),l.length),0);z--;)r=((r|0)+(qn(C)|0))%O,N+=e[l[r]];X(J,C,N)},(F(197,function(C,J){(J=S(C),C=E(J,C.P),C[0]).removeEventListener(C[1],C[2],q)},(F(145,function(C,J,r,N,O,l){if(!G(C,true,J,true)){if("object"==(r=(l=(r=S((O=S((J=(l=S(C),S(C)),C)),C)),J=E(J,C),E(l,C)),E(r,C)),C=E(O,C),zh(l))){for(N in O=[],l)O.push(N);l=O}for(O=(N=0,C=0<C?C:1,l).length;N<O;N+=C)J(l.slice(N,(N|0)+(C|0)),r)}},(F(204,(X(4,(F(146,(F(319,(F(247,function(C,J,r,N,O){X((J=(O=E((N=E((N=(J=(O=S((r=S(C),C)),S(C)),S(C)),N),C),O),C),E)(J,C),r),C,oh(J,C,N,O))},(X(109,U,((X(368,U,(F(42,(X(217,(F(486,(F(55,(F(226,function(C,J,r,N){!G(C,true,J,false)&&(J=Ih(C),N=J.Bx,r=J.I,C.P==C||r==C.nf&&N==C)&&(X(J.Al,C,r.apply(N,J.S)),C.Y=C.G())},(F(308,(F(436,(U.Y5=(F(483,function(C,J,r,N){if(J=C.a1.pop()){for(N=Q(C);0<N;N--)r=S(C),J[r]=C.B[r];C.B=(J[4]=C.B[J[52]=C.B[52],4],J)}else X(403,C,C.H)},(F(405,function(C){jr(4,C)},(F(475,(X(52,(F(64,function(C,J,r){(r=(r=(J=S(C),S)(C),E)(r,C),0)!=E(J,C)&&X(403,C,r)},(X(491,U,(F(460,(F(131,(X(51,U,(X(((X(403,(((U.H=0,U.V8=(U.o=[],U.B=[],U.g=(U.a1=[],U.O=(U.D=0,false),U.N=void 0,void 0),((U.i=void 0,U).A=(x=window.performance||{},void 0),U).U=(U.X=((U.uG=(U.l=void 0,U.j=false,!(U.R=0,1)),U).h=(U.P=U,U.V=(U.J=(U.W=1,null),[]),U.F=[],0),U.C=void 0,8001),U.K=(U.v=void 0,25),U.Y=0,0),0),U).nf=function(C){this.P=C},U.u=[],U).Gk=x.timeOrigin||(x.timing||{}).navigationStart||0,U),0),X)(105,U,0),208),U,U),[])),function(C,J,r,N){(r=E((N=(J=S((r=(N=S(C),S(C)),C)),E(N,C)),r),C),X)(J,C,N[r])}),U),function(C,J,r,N){r=E((J=S((N=S(C),r=S(C),C)),r),C),N=E(N,C)==r,X(J,C,+N)}),U),R(4))),F(478,function(C,J,r,N){X((r=E((J=E((r=S((J=S(C),C)),N=S(C),J),C),r),C),N),C,J in r|0)},U),U)),U),[]),function(C){Lw(C,4)}),U),U)),U)),0),function(){}),U),function(C,J,r,N,O,l){G(C,true,J,false)||(l=Ih(C.P),N=l.Bx,O=l.I,J=l.Al,l=l.S,r=l.length,N=0==r?new N[O]:1==r?new N[O](l[0]):2==r?new N[O](l[0],l[1]):3==r?new N[O](l[0],l[1],l[2]):4==r?new N[O](l[0],l[1],l[2],l[3]):2(),X(J,C,N))}),U),U)),function(C,J,r,N){X((r=S((N=(J=S(C),Q)(C),C)),r),C,E(J,C)>>>N)}),U),function(C){jr(1,C)}),U),U),[0,0,0]),function(C,J,r,N,O){0!==(J=E((N=(r=E((O=(J=(r=(N=(O=S(C),S(C)),S(C)),S)(C),E(O,C.P)),r),C),E)(N,C),J),C),O)&&(J=oh(J,C,1,r,O,N),O.addEventListener(N,J,q),X(39,C,[O,N,J]))}),U),{})),X)(16,U,n),0)),U)),function(C,J,r,N){r=(J=S(C),N=S(C),S)(C),X(r,C,E(J,C)||E(N,C))}),U),function(C,J,r){X((r=(J=(r=S(C),S(C)),r=E(r,C),zh)(r),J),C,r)}),U),U),2048),function(C,J,r){G(C,true,J,false)||(J=S(C),r=S(C),X(r,C,function(N){return eval(N)}(Mn(E(J,C.P)))))}),U),U)),U)),U)),U)),U),[160,0,0]),function(C){ah(4,C)}),U),F)(366,function(C,J,r){X((r=S(C),J=S(C),J),C,""+E(r,C))},U),426)),F)(395,function(C,J,r,N,O){for(r=(O=qn((J=S(C),C)),N=0,[]);N<O;N++)r.push(Q(C));X(J,C,r)},U),F(341,function(C){ah(3,C)},U),U.dh=0,function(C,J,r,N){r=(J=E((N=(J=S(C),S(C)),J),C),E)(N,C),X(N,C,r+J)}),U),U)),U),0),0),U)),[EK]),U),L([c,v],U),[XV,A]),U),U))},Q=function(U){return U.i?Vg(U.g,U):Z(U,8,true)},lX=function(U,v){return V[U](V.prototype,{call:v,floor:v,length:v,document:v,stack:v,replace:v,console:v,splice:v,prototype:v,pop:v,parent:v,propertyIsEnumerable:v})},R=function(U,v){for(v=[];U--;)v.push(255*Math.random()|0);return v},Cw=function(U,v,A,x,e){if(x=v[0],x==p)U.K=25,U.T(v);else if(x==W){A=v[1];try{e=U.A||U.T(v)}catch(C){K(U,C),e=U.A}A(e)}else if(x==fw)U.T(v);else if(x==c)U.T(v);else if(x==XV){try{for(e=0;e<U.o.length;e++)try{A=U.o[e],A[0][A[1]](A[2])}catch(C){}}catch(C){}(0,v[1])(function(C,J){U.s(C,true,J)},(U.o=[],function(C){L([(C=!U.u.length,D_)],U),C&&I(false,true,U)}))}else{if(x==M)return e=v[2],X(345,U,v[6]),X(368,U,e),U.T(v);x==D_?(U.F=[],U.B=null,U.V=[]):x==EK&&"loading"===n.document.readyState&&(U.J=function(C,J){function r(){J||(J=true,C())}(n.document.addEventListener("DOMContentLoaded",(J=false,r),q),n).addEventListener("load",r,q)})}},jr=function(U,v,A,x){h((A=(x=S(v),S(v)),A),v,H(U,E(x,v)))},I=function(U,v,A,x,e,C){if(A.u.length){A.uG=(A.j=!(A.j&&0(),0),v);try{x=A.G(),A.Y=x,A.N=0,A.U=x,C=yg(A,v),e=A.G()-A.U,A.R+=e,e<(U?0:10)||0>=A.K--||(e=Math.floor(e),A.F.push(254>=e?e:254))}finally{A.j=false}return C}},g,WF=function(U,v,A){if(3==U.length){for(A=0;3>A;A++)v[A]+=U[A];for(A=(U=0,[13,8,13,12,16,5,3,10,15]);9>U;U++)v[3](v,U%3,A[U])}},zh=function(U,v,A){if("object"==(v=typeof U,v))if(U){if(U instanceof Array)return"array";if(U instanceof Object)return v;if("[object Window]"==(A=Object.prototype.toString.call(U),A))return"object";if("[object Array]"==A||"number"==typeof U.length&&"undefined"!=typeof U.splice&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("splice"))return"array";if("[object Function]"==A||"undefined"!=typeof U.call&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==v&&"undefined"==typeof U.call)return"object";return v},Vg=function(U,v){return(U=U.create().shift(),v.i.create()).length||v.g.create().length||(v.g=void 0,v.i=void 0),U},Lw=function(U,v,A,x){for(A=(x=S(U),0);0<v;v--)A=A<<8|Q(U);X(x,U,A)},Y=function(U,v,A){A=this;try{kc(this,U,v)}catch(x){K(this,x),v(function(e){e(A.A)})}},F=function(U,v,A){v[X(U,A,v),EK]=2796},J4=function(U,v){X(403,v,(v.a1.push(v.B.slice()),v.B[403]=void 0,U))},xc=function(U,v,A,x,e,C){if(!v.A){v.h++;try{for(x=(e=0,A=v.H,void 0);--U;)try{if((C=void 0,v).i)x=Vg(v.i,v);else{if(e=E(403,v),e>=A)break;x=(C=(X(105,v,e),S(v)),E)(C,v)}G(v,(x&&x[D_]&2048?x(v,U):d(0,v,[P,21,C]),false),U,false)}catch(J){E(23,v)?d(22,v,J):X(23,v,J)}if(!U){if(v.Zr){xc(335982656583,(v.h--,v));return}d(0,v,[P,33])}}catch(J){try{d(22,v,J)}catch(r){K(v,r)}}v.h--}},G=function(U,v,A,x,e,C,J,r,N){if(U.W+=(U.P=((e=(r=(J=(C=(N=(v||U.N++,0<U.D&&U.j&&U.uG&&1>=U.h&&!U.i&&!U.J&&(!v||1<U.X-A)&&0==document.hidden),4==U.N))||N?U.G():U.Y,J)-U.Y,r>>14),U).v&&(U.v^=e*(r<<2)),e)||U.P,e),C||N)U.Y=J,U.N=0;if(!N||J-U.U<U.D-(x?255:v?5:2))return false;return!(((X(403,(x=E(v?105:403,(U.X=A,U)),U),U.H),U).u.push([fw,x,v?A+1:A]),U).J=FV,0)},Sr=function(U,v,A,x,e){for(v=(e=v[3]|0,v[2]|0),x=0;14>x;x++)U=U>>>8|U<<24,U+=A|0,U^=v+3462,A=A<<3|A>>>29,A^=U,e=e>>>8|e<<24,e+=v|0,e^=x+3462,v=v<<3|v>>>29,v^=e;return[A>>>24&255,A>>>16&255,A>>>8&255,A>>>0&255,U>>>24&255,U>>>16&255,U>>>8&255,U>>>0&255]},Rh=function(U,v,A,x){try{x=U[((v|0)+2)%3],U[v]=(U[v]|0)-(U[((v|0)+1)%3]|0)-(x|0)^(1==v?x<<A:x>>>A)}catch(e){throw e;}},Qg=function(U,v){return U(function(A){A(v)}),[function(){return v}]},K=function(U,v){U.A=((U.A?U.A+"~":"E:")+v.message+":"+v.stack).slice(0,2048)},bX=function(U,v,A,x){function e(){}return x=uX(U,function(C){e&&(v&&FV(v),A=C,e(),e=void 0)},(A=void 0,!!v))[0],{invoke:function(C,J,r,N){function O(){A(function(l){FV(function(){C(l)})},r)}if(!J)return J=x(r),C&&C(J),J;A?O():(N=e,e=function(){(N(),FV)(O)})}}},E=function(U,v){if((v=v.B[U],void 0)===v)throw[P,30,U];if(v.value)return v.create();return v.create(3*U*U+32*U+97),v.prototype},UK=function(U){return U},n=this||self,Ih=function(U,v,A,x,e,C){for(x=(v=(((A=(C=U[Gh]||{},S)(U),C).Al=S(U),C).S=[],U.P)==U?(Q(U)|0)-1:1,S)(U),e=0;e<v;e++)C.S.push(S(U));for(C.Bx=E(x,U);v--;)C.S[v]=E(C.S[v],U);return C.I=E(A,U),C},Z_=function(U,v){((v.push(U[0]<<24|U[1]<<16|U[2]<<8|U[3]),v).push(U[4]<<24|U[5]<<16|U[6]<<8|U[7]),v).push(U[8]<<24|U[9]<<16|U[10]<<8|U[11])},cF=function(U,v,A){return U.s(function(x){A=x},false,v),A},h=function(U,v,A,x,e,C){if(v.P==v)for(e=E(U,v),491==U?(U=function(J,r,N,O){if(e.k5!=(r=(O=e.length,(O|0)-4>>3),r)){r=(r<<(N=[0,0,C[1],(e.k5=r,C[2])],3))-4;try{e.Q8=Sr(A4(e,(r|0)+4),N,A4(e,r))}catch(l){throw l;}}e.push(e.Q8[O&7]^J)},C=E(217,v)):U=function(J){e.push(J)},x&&U(x&255),v=0,x=A.length;v<x;v++)U(A[v])},X=function(U,v,A){if(403==U||105==U)v.B[U]?v.B[U].concat(A):v.B[U]=mv(A,v);else{if(v.O&&495!=U)return;220==U||491==U||51==U||52==U||217==U?v.B[U]||(v.B[U]=Nn(62,A,v,U)):v.B[U]=Nn(97,A,v,U)}495==U&&(v.v=Z(v,32,false),v.l=void 0)},L=function(U,v){v.u.splice(0,0,U)},qn=function(U,v){return(v=Q(U),v)&128&&(v=v&127|Q(U)<<7),v},FV=n.requestIdleCallback?function(U){requestIdleCallback(function(){U()},{timeout:4})}:n.setImmediate?function(U){setImmediate(U)}:function(U){setTimeout(U,0)},yg=function(U,v,A,x){for(;U.u.length;){U.J=null,x=U.u.pop();try{A=Cw(U,x)}catch(e){K(U,e)}if(v&&U.J){(v=U.J,v)(function(){I(true,true,U)});break}}return A},B,ah=function(U,v,A,x,e){h(((A=E((A=S((e=U&4,U&=3,v)),x=S(v),A),v),e&&(A=pw(""+A)),U)&&h(x,v,H(2,A.length)),x),v,A)},d=function(U,v,A,x,e,C){if(!v.O){if((U=(0==(x=E(52,((C=void 0,A)&&A[0]===P&&(U=A[1],C=A[2],A=void 0),v)),x.length)&&(e=E(105,v)>>3,x.push(U,e>>8&255,e&255),void 0!=C&&x.push(C&255)),""),A&&(A.message&&(U+=A.message),A.stack&&(U+=":"+A.stack)),A=E(4,v),3)<A){v.P=(C=(U=(A-=((U=U.slice(0,(A|0)-3),U).length|0)+3,pw)(U),v.P),v);try{h(491,v,H(2,U.length).concat(U),9)}finally{v.P=C}}X(4,v,A)}},H=function(U,v,A,x){for(x=(U|0)-(A=[],1);0<=x;x--)A[(U|0)-1-(x|0)]=v>>8*x&255;return A},S=function(U,v){if(U.i)return Vg(U.g,U);return(v=Z(U,8,true),v&128)&&(v^=128,U=Z(U,2,true),v=(v<<2)+(U|0)),v},q={passive:true,capture:true},uX=function(U,v,A,x){return(x=g[U.substring(0,3)+"_"])?x(U.substring(3),v,A):Qg(v,U)},pw=function(U,v,A,x,e){for(e=(U=U.replace(/\\r\\n/g,"\\n"),A=v=0,[]);A<U.length;A++)x=U.charCodeAt(A),128>x?e[v++]=x:(2048>x?e[v++]=x>>6|192:(55296==(x&64512)&&A+1<U.length&&56320==(U.charCodeAt(A+1)&64512)?(x=65536+((x&1023)<<10)+(U.charCodeAt(++A)&1023),e[v++]=x>>18|240,e[v++]=x>>12&63|128):e[v++]=x>>12|224,e[v++]=x>>6&63|128),e[v++]=x&63|128);return e},mv=function(U,v,A){return((A=V[v.Z](v.Hx),A)[v.Z]=function(){return U},A).concat=function(x){U=x},A},Z=function(U,v,A,x,e,C,J,r,N,O,l,z,k,a){if(N=E(403,U),N>=U.H)throw[P,31];for(l=(z=(r=v,x=U.lG.length,0),N);0<r;)J=l%8,a=8-(J|0),O=l>>3,a=a<r?a:r,k=U.V[O],A&&(e=U,e.l!=l>>6&&(e.l=l>>6,C=E(495,e),e.C=Sr(e.l,[0,0,C[1],C[2]],e.v)),k^=U.C[O&x]),l+=a,z|=(k>>8-(J|0)-(a|0)&(1<<a)-1)<<(r|0)-(a|0),r-=a;return X(403,(A=z,U),(N|0)+(v|0)),A},Gh=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),p=((Y.prototype.mN=void 0,Y.prototype).U3=void 0,Y.prototype.Zr=false,[]),M=(Y.prototype.L="toString",[]),fw=[],P={},XV=[],EK=[],c=[],D_=[],W=[],er=((((((((Z_,function(){})(R),Rh,function(){})(WF),B=Y.prototype,B.vx=function(U,v,A){return U^((v=(v^=v<<13,v^=v>>17,(v^v<<5)&A))||(v=1),v)},B).Tk=function(U,v,A,x,e){for(e=x=0;x<U.length;x++)e+=U.charCodeAt(x),e+=e<<10,e^=e>>6;return(U=(e+=e<<3,e^=e>>11,e+(e<<15))>>>0,x=new Number(U&(1<<v)-1),x)[0]=(U>>>v)%A,x},Y.prototype).Z="create",B.s=function(U,v,A,x,e){if((A="array"===zh(A)?A:[A],this).A)U(this.A);else try{x=[],e=!this.u.length,L([p,x,A],this),L([W,U,x],this),v&&!e||I(true,v,this)}catch(C){K(this,C),U(this.A)}},B).y8=function(){return Math.floor(this.R+(this.G()-this.U))},B).ff=function(U,v,A,x,e,C){for(A=(e=C=0,[]);C<U.length;C++)for(x=x<<v|U[C],e+=v;7<e;)e-=8,A.push(x>>e&255);return A},B).G=(window.performance||{}).now?function(){return this.Gk+window.performance.now()}:function(){return+new Date},void 0),V=P.constructor;(B.gh=function(){return Math.floor(this.G())},Y.prototype).T=function(U,v){return U={},er=function(){return v==U?97:61},v={},function(A,x,e,C,J,r,N,O,l,z,k,a,m,y,f){v=(C=v,U);try{if(f=A[0],f==c){a=A[1];try{for(r=atob((x=[],a)),l=O=0;O<r.length;O++)y=r.charCodeAt(O),255<y&&(x[l++]=y&255,y>>=8),x[l++]=y;X(495,(this.H=(this.V=x,this.V.length<<3),this),[0,0,0])}catch(u){d(17,this,u);return}xc(8001,this)}else if(f==p)A[1].push(E(220,this).length,E(51,this).length,E(4,this),E(491,this).length),X(368,this,A[2]),this.B[458]&&r0(8001,E(458,this),this);else{if(f==W){this.P=(m=H(2,(E(220,(O=A[2],this)).length|0)+2),J=this.P,this);try{N=E(52,this),0<N.length&&h(220,this,H(2,N.length).concat(N),10),h(220,this,H(1,this.W),109),h(220,this,H(1,this[W].length)),r=0,r-=(E(220,this).length|0)+5,r+=E(109,this)&2047,z=E(491,this),4<z.length&&(r-=(z.length|0)+3),0<r&&h(220,this,H(2,r).concat(R(r)),15),4<z.length&&h(220,this,H(2,z.length).concat(z),156)}finally{this.P=J}if(e=(l=R(2).concat(E(220,this)),l[1]=l[0]^6,l[3]=l[1]^m[0],l[4]=l[1]^m[1],this).iG(l))e="!"+e;else for(r=0,e="";r<l.length;r++)k=l[r][this.L](16),1==k.length&&(k="0"+k),e+=k;return E(491,(E((x=e,220),this).length=O.shift(),E(51,this).length=O.shift(),X(4,this,O.shift()),this)).length=O.shift(),x}if(f==fw)r0(A[2],A[1],this);else if(f==M)return r0(8001,A[1],this)}}finally{v=C}}}();var nw,OK=(Y.prototype.hl=(Y.prototype[XV]=[0,0,1,1,0,1,1],Y.prototype.iG=function(U,v,A,x){if(x=window.btoa){for(A=(v=0,"");v<U.length;v+=8192)A+=String.fromCharCode.apply(null,U.slice(v,v+8192));U=x(A).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else U=void 0;return U},Y.prototype.Jl=0,0),/./),Kw=c.pop.bind(Y.prototype[p]),Mn=(nw=lX(Y.prototype.Z,{get:(OK[Y.prototype.L]=Kw,Kw)}),Y.prototype.Su=void 0,function(U,v){return(v=vF())&&1===U.eval(v.createScript("1"))?function(A){return v.createScript(A)}:function(A){return""+A}})(n);40<(g=n.botguard||(n.botguard={}),g.m)||(g.m=41,g.bg=bX,g.a=uX),g.qBf_=function(U,v,A){return A=new Y(U,v),[function(x){return cF(A,x)}]};}).call(this);'));
}).call(this);
                                    

#3 JavaScript::Eval (size: 8, repeated: 1) - SHA256: 3c4b9b06fe520e9d07b2150eebd412a59c91d789706d99a2b2dc9bf217604d1f

                                        _ate.cbs
                                    

#4 JavaScript::Eval (size: 15850, repeated: 1) - SHA256: 625463f28ccabc0929b14702c377f1eb4de4456296028f383f233bb4a9b75ed9

                                        (function() {
    var vF = function(U, v) {
            if (!(U = (v = null, n.trustedTypes), U) || !U.createPolicy) return v;
            try {
                v = U.createPolicy("bg", {
                    createHTML: UK,
                    createScript: UK,
                    createScriptURL: UK
                })
            } catch (A) {
                n.console && n.console.error(A.message)
            }
            return v
        },
        oh = function(U, v, A, x, e, C) {
            function J() {
                if (v.P == v) {
                    if (v.B) {
                        var r = [M, x, U, void 0, e, C, arguments];
                        if (2 == A) var N = I(false, false, (L(r, v), v));
                        else if (1 == A) {
                            var O = !v.u.length;
                            L(r, v), O && I(false, false, v)
                        } else N = Cw(v, r);
                        return N
                    }
                    e && C && e.removeEventListener(C, J, q)
                }
            }
            return J
        },
        A4 = function(U, v) {
            return U[v] << 24 | U[(v | 0) + 1] << 16 | U[(v | 0) + 2] << 8 | U[(v | 0) + 3]
        },
        r0 = function(U, v, A, x) {
            return (X(403, A, (xc((x = E(403, A), A.V && x < A.H ? (X(403, A, A.H), J4(v, A)) : X(403, A, v), U), A), x)), E)(368, A)
        },
        Nn = function(U, v, A, x, e, C, J, r) {
            return (v = [60, 32, -94, 21, 71, (J = U & (r = er, 7), 74), v, 90, 56, 20], C = V[A.Z](A.Px), C[A.Z] = function(N) {
                J += 6 + 7 * (e = N, U), J &= 7
            }, C).concat = function(N) {
                return (e = (N = (N = (N = x % 16 + 1, +v[J + 43 & 7] * x * N - 1184 * x * e + J + 37 * e * e + (r() | 0) * N) + 3 * x * x * N - 111 * x * x * e - N * e - 3589 * e, v[N]), void 0), v)[(J + 21 & 7) + (U & 2)] = N, v[J + (U & 2)] = 32, N
            }, C
        },
        kc = function(U, v, A, x, e) {
            for (e = (x = (U.Px = (U.lG = U[U.Mx = (U.pf = nw, OK), W], lX)(U.Z, {get: function() {
                        return this.concat()
                    }
                }), U.Hx = V[U.Z](U.Px, {
                    value: {
                        value: {}
                    }
                }), 0), []); 128 > x; x++) e[x] = String.fromCharCode(x);
            I(true, true, (L((L((F(260, function(C, J, r, N, O, l, z, k, a, m, y, f) {
                function u(D, b) {
                    for (; l < D;) r |= Q(C) << l, l += 8;
                    return b = r & (l -= D, (1 << D) - 1), r >>= D, b
                }
                for (k = ((l = (a = S(C), r = 0), u(3)) | 0) + 1, O = u(5), J = [], z = m = 0; z < O; z++) y = u(1), J.push(y), m += y ? 0 : 1;
                for (z = (m = ((m | 0) - 1).toString(2).length, N = [], 0); z < O; z++) J[z] || (N[z] = u(m));
                for (m = 0; m < O; m++) J[m] && (N[m] = S(C));
                for (f = []; k--;) f.push(E(S(C), C));
                F(a, function(D, b, w, T, t) {
                    for (w = (T = [], 0), b = []; w < O; w++) {
                        if (!J[t = N[w], w]) {
                            for (; t >= T.length;) T.push(S(D));
                            t = T[t]
                        }
                        b.push(t)
                    }
                    D.g = mv((D.i = mv(f.slice(), D), b), D)
                }, C)
            }, (U.zk = (X(39, (F(153, function(C, J) {
                J4((J = E(S(C), C), J), C.P)
            }, (F(76, ((X(23, U, ((F(257, (X(220, (F(203, function(C, J, r, N) {
                J = (r = S(C), N = S(C), S(C)), C.P == C && (J = E(J, C), N = E(N, C), E(r, C)[N] = J, 495 == r && (C.l = void 0, 2 == N && (C.v = Z(C, 32, false), C.l = void 0)))
            }, (F(77, function(C, J, r, N, O, l, z) {
                for (r = (O = (l = E((N = (z = qn((J = S(C), C)), ""), 48), C), l.length), 0); z--;) r = ((r | 0) + (qn(C) | 0)) % O, N += e[l[r]];
                X(J, C, N)
            }, (F(197, function(C, J) {
                (J = S(C), C = E(J, C.P), C[0]).removeEventListener(C[1], C[2], q)
            }, (F(145, function(C, J, r, N, O, l) {
                if (!G(C, true, J, true)) {
                    if ("object" == (r = (l = (r = S((O = S((J = (l = S(C), S(C)), C)), C)), J = E(J, C), E(l, C)), E(r, C)), C = E(O, C), zh(l))) {
                        for (N in O = [], l) O.push(N);
                        l = O
                    }
                    for (O = (N = 0, C = 0 < C ? C : 1, l).length; N < O; N += C) J(l.slice(N, (N | 0) + (C | 0)), r)
                }
            }, (F(204, (X(4, (F(146, (F(319, (F(247, function(C, J, r, N, O) {
                X((J = (O = E((N = E((N = (J = (O = S((r = S(C), C)), S(C)), S(C)), N), C), O), C), E)(J, C), r), C, oh(J, C, N, O))
            }, (X(109, U, ((X(368, U, (F(42, (X(217, (F(486, (F(55, (F(226, function(C, J, r, N) {
                !G(C, true, J, false) && (J = Ih(C), N = J.Bx, r = J.I, C.P == C || r == C.nf && N == C) && (X(J.Al, C, r.apply(N, J.S)), C.Y = C.G())
            }, (F(308, (F(436, (U.Y5 = (F(483, function(C, J, r, N) {
                if (J = C.a1.pop()) {
                    for (N = Q(C); 0 < N; N--) r = S(C), J[r] = C.B[r];
                    C.B = (J[4] = C.B[J[52] = C.B[52], 4], J)
                } else X(403, C, C.H)
            }, (F(405, function(C) {
                jr(4, C)
            }, (F(475, (X(52, (F(64, function(C, J, r) {
                (r = (r = (J = S(C), S)(C), E)(r, C), 0) != E(J, C) && X(403, C, r)
            }, (X(491, U, (F(460, (F(131, (X(51, U, (X(((X(403, (((U.H = 0, U.V8 = (U.o = [], U.B = [], U.g = (U.a1 = [], U.O = (U.D = 0, false), U.N = void 0, void 0), ((U.i = void 0, U).A = (x = window.performance || {}, void 0), U).U = (U.X = ((U.uG = (U.l = void 0, U.j = false, !(U.R = 0, 1)), U).h = (U.P = U, U.V = (U.J = (U.W = 1, null), []), U.F = [], 0), U.C = void 0, 8001), U.K = (U.v = void 0, 25), U.Y = 0, 0), 0), U).nf = function(C) {
                this.P = C
            }, U.u = [], U).Gk = x.timeOrigin || (x.timing || {}).navigationStart || 0, U), 0), X)(105, U, 0), 208), U, U), [])), function(C, J, r, N) {
                (r = E((N = (J = S((r = (N = S(C), S(C)), C)), E(N, C)), r), C), X)(J, C, N[r])
            }), U), function(C, J, r, N) {
                r = E((J = S((N = S(C), r = S(C), C)), r), C), N = E(N, C) == r, X(J, C, +N)
            }), U), R(4))), F(478, function(C, J, r, N) {
                X((r = E((J = E((r = S((J = S(C), C)), N = S(C), J), C), r), C), N), C, J in r | 0)
            }, U), U)), U), []), function(C) {
                Lw(C, 4)
            }), U), U)), U)), 0), function() {}), U), function(C, J, r, N, O, l) {
                G(C, true, J, false) || (l = Ih(C.P), N = l.Bx, O = l.I, J = l.Al, l = l.S, r = l.length, N = 0 == r ? new N[O] : 1 == r ? new N[O](l[0]) : 2 == r ? new N[O](l[0], l[1]) : 3 == r ? new N[O](l[0], l[1], l[2]) : 4 == r ? new N[O](l[0], l[1], l[2], l[3]) : 2(), X(J, C, N))
            }), U), U)), function(C, J, r, N) {
                X((r = S((N = (J = S(C), Q)(C), C)), r), C, E(J, C) >>> N)
            }), U), function(C) {
                jr(1, C)
            }), U), U), [0, 0, 0]), function(C, J, r, N, O) {
                0 !== (J = E((N = (r = E((O = (J = (r = (N = (O = S(C), S(C)), S(C)), S)(C), E(O, C.P)), r), C), E)(N, C), J), C), O) && (J = oh(J, C, 1, r, O, N), O.addEventListener(N, J, q), X(39, C, [O, N, J]))
            }), U), {})), X)(16, U, n), 0)), U)), function(C, J, r, N) {
                r = (J = S(C), N = S(C), S)(C), X(r, C, E(J, C) || E(N, C))
            }), U), function(C, J, r) {
                X((r = (J = (r = S(C), S(C)), r = E(r, C), zh)(r), J), C, r)
            }), U), U), 2048), function(C, J, r) {
                G(C, true, J, false) || (J = S(C), r = S(C), X(r, C, function(N) {
                    return eval(N)
                }(Mn(E(J, C.P)))))
            }), U), U)), U)), U)), U)), U), [160, 0, 0]), function(C) {
                ah(4, C)
            }), U), F)(366, function(C, J, r) {
                X((r = S(C), J = S(C), J), C, "" + E(r, C))
            }, U), 426)), F)(395, function(C, J, r, N, O) {
                for (r = (O = qn((J = S(C), C)), N = 0, []); N < O; N++) r.push(Q(C));
                X(J, C, r)
            }, U), F(341, function(C) {
                ah(3, C)
            }, U), U.dh = 0, function(C, J, r, N) {
                r = (J = E((N = (J = S(C), S(C)), J), C), E)(N, C), X(N, C, r + J)
            }), U), U)), U), 0), 0), U)), [EK]), U), L([c, v], U), [XV, A]), U), U))
        },
        Q = function(U) {
            return U.i ? Vg(U.g, U) : Z(U, 8, true)
        },
        lX = function(U, v) {
            return V[U](V.prototype, {
                call: v,
                floor: v,
                length: v,
                document: v,
                stack: v,
                replace: v,
                console: v,
                splice: v,
                prototype: v,
                pop: v,
                parent: v,
                propertyIsEnumerable: v
            })
        },
        R = function(U, v) {
            for (v = []; U--;) v.push(255 * Math.random() | 0);
            return v
        },
        Cw = function(U, v, A, x, e) {
            if (x = v[0], x == p) U.K = 25, U.T(v);
            else if (x == W) {
                A = v[1];
                try {
                    e = U.A || U.T(v)
                } catch (C) {
                    K(U, C), e = U.A
                }
                A(e)
            } else if (x == fw) U.T(v);
            else if (x == c) U.T(v);
            else if (x == XV) {
                try {
                    for (e = 0; e < U.o.length; e++) try {
                        A = U.o[e], A[0][A[1]](A[2])
                    } catch (C) {}
                } catch (C) {}(0, v[1])(function(C, J) {
                    U.s(C, true, J)
                }, (U.o = [], function(C) {
                    L([(C = !U.u.length, D_)], U), C && I(false, true, U)
                }))
            } else {
                if (x == M) return e = v[2], X(345, U, v[6]), X(368, U, e), U.T(v);
                x == D_ ? (U.F = [], U.B = null, U.V = []) : x == EK && "loading" === n.document.readyState && (U.J = function(C, J) {
                    function r() {
                        J || (J = true, C())
                    }(n.document.addEventListener("DOMContentLoaded", (J = false, r), q), n).addEventListener("load", r, q)
                })
            }
        },
        jr = function(U, v, A, x) {
            h((A = (x = S(v), S(v)), A), v, H(U, E(x, v)))
        },
        I = function(U, v, A, x, e, C) {
            if (A.u.length) {
                A.uG = (A.j = !(A.j && 0(), 0), v);
                try {
                    x = A.G(), A.Y = x, A.N = 0, A.U = x, C = yg(A, v), e = A.G() - A.U, A.R += e, e < (U ? 0 : 10) || 0 >= A.K-- || (e = Math.floor(e), A.F.push(254 >= e ? e : 254))
                } finally {
                    A.j = false
                }
                return C
            }
        },
        g, WF = function(U, v, A) {
            if (3 == U.length) {
                for (A = 0; 3 > A; A++) v[A] += U[A];
                for (A = (U = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > U; U++) v[3](v, U % 3, A[U])
            }
        },
        zh = function(U, v, A) {
            if ("object" == (v = typeof U, v))
                if (U) {
                    if (U instanceof Array) return "array";
                    if (U instanceof Object) return v;
                    if ("[object Window]" == (A = Object.prototype.toString.call(U), A)) return "object";
                    if ("[object Array]" == A || "number" == typeof U.length && "undefined" != typeof U.splice && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == A || "undefined" != typeof U.call && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == v && "undefined" == typeof U.call) return "object";
            return v
        },
        Vg = function(U, v) {
            return (U = U.create().shift(), v.i.create()).length || v.g.create().length || (v.g = void 0, v.i = void 0), U
        },
        Lw = function(U, v, A, x) {
            for (A = (x = S(U), 0); 0 < v; v--) A = A << 8 | Q(U);
            X(x, U, A)
        },
        Y = function(U, v, A) {
            A = this;
            try {
                kc(this, U, v)
            } catch (x) {
                K(this, x), v(function(e) {
                    e(A.A)
                })
            }
        },
        F = function(U, v, A) {
            v[X(U, A, v), EK] = 2796
        },
        J4 = function(U, v) {
            X(403, v, (v.a1.push(v.B.slice()), v.B[403] = void 0, U))
        },
        xc = function(U, v, A, x, e, C) {
            if (!v.A) {
                v.h++;
                try {
                    for (x = (e = 0, A = v.H, void 0); --U;) try {
                        if ((C = void 0, v).i) x = Vg(v.i, v);
                        else {
                            if (e = E(403, v), e >= A) break;
                            x = (C = (X(105, v, e), S(v)), E)(C, v)
                        }
                        G(v, (x && x[D_] & 2048 ? x(v, U) : d(0, v, [P, 21, C]), false), U, false)
                    } catch (J) {
                        E(23, v) ? d(22, v, J) : X(23, v, J)
                    }
                    if (!U) {
                        if (v.Zr) {
                            xc(335982656583, (v.h--, v));
                            return
                        }
                        d(0, v, [P, 33])
                    }
                } catch (J) {
                    try {
                        d(22, v, J)
                    } catch (r) {
                        K(v, r)
                    }
                }
                v.h--
            }
        },
        G = function(U, v, A, x, e, C, J, r, N) {
            if (U.W += (U.P = ((e = (r = (J = (C = (N = (v || U.N++, 0 < U.D && U.j && U.uG && 1 >= U.h && !U.i && !U.J && (!v || 1 < U.X - A) && 0 == document.hidden), 4 == U.N)) || N ? U.G() : U.Y, J) - U.Y, r >> 14), U).v && (U.v ^= e * (r << 2)), e) || U.P, e), C || N) U.Y = J, U.N = 0;
            if (!N || J - U.U < U.D - (x ? 255 : v ? 5 : 2)) return false;
            return !(((X(403, (x = E(v ? 105 : 403, (U.X = A, U)), U), U.H), U).u.push([fw, x, v ? A + 1 : A]), U).J = FV, 0)
        },
        Sr = function(U, v, A, x, e) {
            for (v = (e = v[3] | 0, v[2] | 0), x = 0; 14 > x; x++) U = U >>> 8 | U << 24, U += A | 0, U ^= v + 3462, A = A << 3 | A >>> 29, A ^= U, e = e >>> 8 | e << 24, e += v | 0, e ^= x + 3462, v = v << 3 | v >>> 29, v ^= e;
            return [A >>> 24 & 255, A >>> 16 & 255, A >>> 8 & 255, A >>> 0 & 255, U >>> 24 & 255, U >>> 16 & 255, U >>> 8 & 255, U >>> 0 & 255]
        },
        Rh = function(U, v, A, x) {
            try {
                x = U[((v | 0) + 2) % 3], U[v] = (U[v] | 0) - (U[((v | 0) + 1) % 3] | 0) - (x | 0) ^ (1 == v ? x << A : x >>> A)
            } catch (e) {
                throw e;
            }
        },
        Qg = function(U, v) {
            return U(function(A) {
                A(v)
            }), [function() {
                return v
            }]
        },
        K = function(U, v) {
            U.A = ((U.A ? U.A + "~" : "E:") + v.message + ":" + v.stack).slice(0, 2048)
        },
        bX = function(U, v, A, x) {
            function e() {}
            return x = uX(U, function(C) {
                e && (v && FV(v), A = C, e(), e = void 0)
            }, (A = void 0, !!v))[0], {
                invoke: function(C, J, r, N) {
                    function O() {
                        A(function(l) {
                            FV(function() {
                                C(l)
                            })
                        }, r)
                    }
                    if (!J) return J = x(r), C && C(J), J;
                    A ? O() : (N = e, e = function() {
                        (N(), FV)(O)
                    })
                }
            }
        },
        E = function(U, v) {
            if ((v = v.B[U], void 0) === v) throw [P, 30, U];
            if (v.value) return v.create();
            return v.create(3 * U * U + 32 * U + 97), v.prototype
        },
        UK = function(U) {
            return U
        },
        n = this || self,
        Ih = function(U, v, A, x, e, C) {
            for (x = (v = (((A = (C = U[Gh] || {}, S)(U), C).Al = S(U), C).S = [], U.P) == U ? (Q(U) | 0) - 1 : 1, S)(U), e = 0; e < v; e++) C.S.push(S(U));
            for (C.Bx = E(x, U); v--;) C.S[v] = E(C.S[v], U);
            return C.I = E(A, U), C
        },
        Z_ = function(U, v) {
            ((v.push(U[0] << 24 | U[1] << 16 | U[2] << 8 | U[3]), v).push(U[4] << 24 | U[5] << 16 | U[6] << 8 | U[7]), v).push(U[8] << 24 | U[9] << 16 | U[10] << 8 | U[11])
        },
        cF = function(U, v, A) {
            return U.s(function(x) {
                A = x
            }, false, v), A
        },
        h = function(U, v, A, x, e, C) {
            if (v.P == v)
                for (e = E(U, v), 491 == U ? (U = function(J, r, N, O) {
                        if (e.k5 != (r = (O = e.length, (O | 0) - 4 >> 3), r)) {
                            r = (r << (N = [0, 0, C[1], (e.k5 = r, C[2])], 3)) - 4;
                            try {
                                e.Q8 = Sr(A4(e, (r | 0) + 4), N, A4(e, r))
                            } catch (l) {
                                throw l;
                            }
                        }
                        e.push(e.Q8[O & 7] ^ J)
                    }, C = E(217, v)) : U = function(J) {
                        e.push(J)
                    }, x && U(x & 255), v = 0, x = A.length; v < x; v++) U(A[v])
        },
        X = function(U, v, A) {
            if (403 == U || 105 == U) v.B[U] ? v.B[U].concat(A) : v.B[U] = mv(A, v);
            else {
                if (v.O && 495 != U) return;
                220 == U || 491 == U || 51 == U || 52 == U || 217 == U ? v.B[U] || (v.B[U] = Nn(62, A, v, U)) : v.B[U] = Nn(97, A, v, U)
            }
            495 == U && (v.v = Z(v, 32, false), v.l = void 0)
        },
        L = function(U, v) {
            v.u.splice(0, 0, U)
        },
        qn = function(U, v) {
            return (v = Q(U), v) & 128 && (v = v & 127 | Q(U) << 7), v
        },
        FV = n.requestIdleCallback ? function(U) {
            requestIdleCallback(function() {
                U()
            }, {
                timeout: 4
            })
        } : n.setImmediate ? function(U) {
            setImmediate(U)
        } : function(U) {
            setTimeout(U, 0)
        },
        yg = function(U, v, A, x) {
            for (; U.u.length;) {
                U.J = null, x = U.u.pop();
                try {
                    A = Cw(U, x)
                } catch (e) {
                    K(U, e)
                }
                if (v && U.J) {
                    (v = U.J, v)(function() {
                        I(true, true, U)
                    });
                    break
                }
            }
            return A
        },
        B, ah = function(U, v, A, x, e) {
            h(((A = E((A = S((e = U & 4, U &= 3, v)), x = S(v), A), v), e && (A = pw("" + A)), U) && h(x, v, H(2, A.length)), x), v, A)
        },
        d = function(U, v, A, x, e, C) {
            if (!v.O) {
                if ((U = (0 == (x = E(52, ((C = void 0, A) && A[0] === P && (U = A[1], C = A[2], A = void 0), v)), x.length) && (e = E(105, v) >> 3, x.push(U, e >> 8 & 255, e & 255), void 0 != C && x.push(C & 255)), ""), A && (A.message && (U += A.message), A.stack && (U += ":" + A.stack)), A = E(4, v), 3) < A) {
                    v.P = (C = (U = (A -= ((U = U.slice(0, (A | 0) - 3), U).length | 0) + 3, pw)(U), v.P), v);
                    try {
                        h(491, v, H(2, U.length).concat(U), 9)
                    } finally {
                        v.P = C
                    }
                }
                X(4, v, A)
            }
        },
        H = function(U, v, A, x) {
            for (x = (U | 0) - (A = [], 1); 0 <= x; x--) A[(U | 0) - 1 - (x | 0)] = v >> 8 * x & 255;
            return A
        },
        S = function(U, v) {
            if (U.i) return Vg(U.g, U);
            return (v = Z(U, 8, true), v & 128) && (v ^= 128, U = Z(U, 2, true), v = (v << 2) + (U | 0)), v
        },
        q = {
            passive: true,
            capture: true
        },
        uX = function(U, v, A, x) {
            return (x = g[U.substring(0, 3) + "_"]) ? x(U.substring(3), v, A) : Qg(v, U)
        },
        pw = function(U, v, A, x, e) {
            for (e = (U = U.replace(/\r\n/g, "\n"), A = v = 0, []); A < U.length; A++) x = U.charCodeAt(A), 128 > x ? e[v++] = x : (2048 > x ? e[v++] = x >> 6 | 192 : (55296 == (x & 64512) && A + 1 < U.length && 56320 == (U.charCodeAt(A + 1) & 64512) ? (x = 65536 + ((x & 1023) << 10) + (U.charCodeAt(++A) & 1023), e[v++] = x >> 18 | 240, e[v++] = x >> 12 & 63 | 128) : e[v++] = x >> 12 | 224, e[v++] = x >> 6 & 63 | 128), e[v++] = x & 63 | 128);
            return e
        },
        mv = function(U, v, A) {
            return ((A = V[v.Z](v.Hx), A)[v.Z] = function() {
                return U
            }, A).concat = function(x) {
                U = x
            }, A
        },
        Z = function(U, v, A, x, e, C, J, r, N, O, l, z, k, a) {
            if (N = E(403, U), N >= U.H) throw [P, 31];
            for (l = (z = (r = v, x = U.lG.length, 0), N); 0 < r;) J = l % 8, a = 8 - (J | 0), O = l >> 3, a = a < r ? a : r, k = U.V[O], A && (e = U, e.l != l >> 6 && (e.l = l >> 6, C = E(495, e), e.C = Sr(e.l, [0, 0, C[1], C[2]], e.v)), k ^= U.C[O & x]), l += a, z |= (k >> 8 - (J | 0) - (a | 0) & (1 << a) - 1) << (r | 0) - (a | 0), r -= a;
            return X(403, (A = z, U), (N | 0) + (v | 0)), A
        },
        Gh = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        p = ((Y.prototype.mN = void 0, Y.prototype).U3 = void 0, Y.prototype.Zr = false, []),
        M = (Y.prototype.L = "toString", []),
        fw = [],
        P = {},
        XV = [],
        EK = [],
        c = [],
        D_ = [],
        W = [],
        er = ((((((((Z_, function() {})(R), Rh, function() {})(WF), B = Y.prototype, B.vx = function(U, v, A) {
            return U ^ ((v = (v ^= v << 13, v ^= v >> 17, (v ^ v << 5) & A)) || (v = 1), v)
        }, B).Tk = function(U, v, A, x, e) {
            for (e = x = 0; x < U.length; x++) e += U.charCodeAt(x), e += e << 10, e ^= e >> 6;
            return (U = (e += e << 3, e ^= e >> 11, e + (e << 15)) >>> 0, x = new Number(U & (1 << v) - 1), x)[0] = (U >>> v) % A, x
        }, Y.prototype).Z = "create", B.s = function(U, v, A, x, e) {
            if ((A = "array" === zh(A) ? A : [A], this).A) U(this.A);
            else try {
                x = [], e = !this.u.length, L([p, x, A], this), L([W, U, x], this), v && !e || I(true, v, this)
            } catch (C) {
                K(this, C), U(this.A)
            }
        }, B).y8 = function() {
            return Math.floor(this.R + (this.G() - this.U))
        }, B).ff = function(U, v, A, x, e, C) {
            for (A = (e = C = 0, []); C < U.length; C++)
                for (x = x << v | U[C], e += v; 7 < e;) e -= 8, A.push(x >> e & 255);
            return A
        }, B).G = (window.performance || {}).now ? function() {
            return this.Gk + window.performance.now()
        } : function() {
            return +new Date
        }, void 0),
        V = P.constructor;
    (B.gh = function() {
        return Math.floor(this.G())
    }, Y.prototype).T = function(U, v) {
        return U = {}, er = function() {
                return v == U ? 97 : 61
            }, v = {},
            function(A, x, e, C, J, r, N, O, l, z, k, a, m, y, f) {
                v = (C = v, U);
                try {
                    if (f = A[0], f == c) {
                        a = A[1];
                        try {
                            for (r = atob((x = [], a)), l = O = 0; O < r.length; O++) y = r.charCodeAt(O), 255 < y && (x[l++] = y & 255, y >>= 8), x[l++] = y;
                            X(495, (this.H = (this.V = x, this.V.length << 3), this), [0, 0, 0])
                        } catch (u) {
                            d(17, this, u);
                            return
                        }
                        xc(8001, this)
                    } else if (f == p) A[1].push(E(220, this).length, E(51, this).length, E(4, this), E(491, this).length), X(368, this, A[2]), this.B[458] && r0(8001, E(458, this), this);
                    else {
                        if (f == W) {
                            this.P = (m = H(2, (E(220, (O = A[2], this)).length | 0) + 2), J = this.P, this);
                            try {
                                N = E(52, this), 0 < N.length && h(220, this, H(2, N.length).concat(N), 10), h(220, this, H(1, this.W), 109), h(220, this, H(1, this[W].length)), r = 0, r -= (E(220, this).length | 0) + 5, r += E(109, this) & 2047, z = E(491, this), 4 < z.length && (r -= (z.length | 0) + 3), 0 < r && h(220, this, H(2, r).concat(R(r)), 15), 4 < z.length && h(220, this, H(2, z.length).concat(z), 156)
                            } finally {
                                this.P = J
                            }
                            if (e = (l = R(2).concat(E(220, this)), l[1] = l[0] ^ 6, l[3] = l[1] ^ m[0], l[4] = l[1] ^ m[1], this).iG(l)) e = "!" + e;
                            else
                                for (r = 0, e = ""; r < l.length; r++) k = l[r][this.L](16), 1 == k.length && (k = "0" + k), e += k;
                            return E(491, (E((x = e, 220), this).length = O.shift(), E(51, this).length = O.shift(), X(4, this, O.shift()), this)).length = O.shift(), x
                        }
                        if (f == fw) r0(A[2], A[1], this);
                        else if (f == M) return r0(8001, A[1], this)
                    }
                } finally {
                    v = C
                }
            }
    }();
    var nw, OK = (Y.prototype.hl = (Y.prototype[XV] = [0, 0, 1, 1, 0, 1, 1], Y.prototype.iG = function(U, v, A, x) {
            if (x = window.btoa) {
                for (A = (v = 0, ""); v < U.length; v += 8192) A += String.fromCharCode.apply(null, U.slice(v, v + 8192));
                U = x(A).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else U = void 0;
            return U
        }, Y.prototype.Jl = 0, 0), /./),
        Kw = c.pop.bind(Y.prototype[p]),
        Mn = (nw = lX(Y.prototype.Z, {get: (OK[Y.prototype.L] = Kw, Kw)
        }), Y.prototype.Su = void 0, function(U, v) {
            return (v = vF()) && 1 === U.eval(v.createScript("1")) ? function(A) {
                return v.createScript(A)
            } : function(A) {
                return "" + A
            }
        })(n);
    40 < (g = n.botguard || (n.botguard = {}), g.m) || (g.m = 41, g.bg = bX, g.a = uX), g.qBf_ = function(U, v, A) {
        return A = new Y(U, v), [function(x) {
            return cF(A, x)
        }]
    };
}).call(this);
                                    

#5 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 87c99b9a88a42ee46bbe6ce447b600a1653142b3ebb7b9ed96bc786f7a99d488

                                        0,
function(C, J, r) {
    X((J = (r = (J = S(C), S)(C), C.B[J]) && E(J, C), r), C, J)
}
                                    

#6 JavaScript::Eval (size: 11, repeated: 1) - SHA256: 8ee784d797ce97ed9716bb42682346deb0c7ae8ff75d7ad8ae60508907054c16

                                        addthis.cbs
                                    

#7 JavaScript::Eval (size: 22, repeated: 1) - SHA256: ba41c5348d38a6ebd3399d0378ae76921f287d04f94ff5d93d6709e7f2a962b7

                                        0,
function(C) {
    Lw(C, 2)
}
                                    

Executed Writes (0)



HTTP Transactions (82)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 16:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4fdZXbRZgkcMMb8rR-BNJU2DF4YAiKRH2zcTIzDmc_HQOGvJQ3vwCw==
Age: 1765


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         138.68.231.91
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 04 Oct 2022 17:16:29 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Content-Length: 579
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (323)
Size:   579
Md5:    bf41e9786ea8f1c03eaf1ff13856280e
Sha1:   66fab35e1eeb83be413ae94747df067d0afe74da
Sha256: 1a9957563ad91535fc35466b965548ff7f043062082e09faa42cca91464d30e3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8455
Expires: Tue, 04 Oct 2022 19:37:24 GMT
Date: Tue, 04 Oct 2022 17:16:29 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JD3x_D6f0i-nf85VoPPuhJeHV5C5ACCAdJU7__KUb-OVh0ZiS1e4Hg==
age: 42482
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 17:16:29 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D6F61B1EF26BE73B7AA018E133AEB290A6C7888A10D5941B44BAB2EF08096AA"
Last-Modified: Sun, 02 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Tue, 04 Oct 2022 23:16:16 GMT
Date: Tue, 04 Oct 2022 17:16:29 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 16:29:33 GMT
Expires: Tue, 04 Oct 2022 16:31:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C2IR4bqds8pSCKtupIsyCck2rYCSkPNxL4CYxNf1xiMo3t-dL4C9GA==
Age: 2816


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4325
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 17:16:30 GMT
Last-Modified: Tue, 04 Oct 2022 16:04:25 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         138.68.231.91
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 17:16:29 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.contabilidadenobrasil.com.br/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10087
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (8047), with CRLF, LF line terminators
Size:   10087
Md5:    1d8c311d949bbfc1e487910c8ef3656a
Sha1:   d7669094985102e768eea8aeb6f496c1f077289f
Sha256: cdb0934f32e762f694a1a1e7b321d6ba462113df6fee0cf4b1089bc017a2109f
                                        
                                            GET /js/integration/stable/rd-js-integration.min.js HTTP/1.1 
Host: d335luupugsy2.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.19
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 5126
last-modified: Mon, 14 Mar 2022 19:11:46 GMT
content-encoding: gzip
x-amz-version-id: EFK6hy2tasKcabJ9JHnpmDSfRZbvtSM9
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 14:54:22 GMT
cache-control: max-age=86400, must-revalidate
etag: "037b8303bce609f3647bd079508031b2"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gsx0eEftu1I5hLlY2XHUW61q47FPJR08DjdLvhPSGklk9QK-Csp7mg==
age: 55667
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (14095)
Size:   5126
Md5:    037b8303bce609f3647bd079508031b2
Sha1:   b76218de9ed86ba5eb7a432f264c016da0b044ea
Sha256: c2a0cc110766fc701e4aad2ec2deb59fdbdcbc1b22c957832948377d456fa87a
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Oe5uYBOLOWSHMsnlAdQN7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.13.96
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CUGLkhNmkh7wQjXf5AWLUpoKmIM=

                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Tue, 04 Oct 2022 17:16:30 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54602)
Size:   116423
Md5:    d5b9b7a3accd3b7b7de639c072ae3ee2
Sha1:   9583b5c046d78af5c6379d844219f828aa2222d0
Sha256: 648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6LcDe8AUAAAAAIeOp_gOUnA7ugyjy6gqdbyksJ8I&ver=3.0 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 04 Oct 2022 17:16:30 GMT
date: Tue, 04 Oct 2022 17:16:30 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   584
Md5:    467a07e917a4f2cc8b769657a9521b61
Sha1:   98a32e05d4ebec0a5e04b34a88f36996d8ee9bad
Sha256: 2b60fad1194d4170cede752322199363be21bad91d8dcc300d1011a30e509a77
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 16 Mar 2019 18:59:27 GMT
ETag: "7918-5843ac12fa22a-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7053
Md5:    52f1a8a2ce85fa8432308b33bc1a2e79
Sha1:   fd80917af5371c8ecad0198592a1e7cce4b77b0e
Sha256: 07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:36 GMT
ETag: "aab-5ea26f6fc0a49-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   972
Md5:    8bf268dfcca7cb20719b7ea14373ef4a
Sha1:   58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
Sha256: eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/font-organizer/fo-declarations.css?ver=6.0.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Jan 2019 15:39:52 GMT
ETag: "3e0-580725effc200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 350
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF, LF line terminators
Size:   350
Md5:    d196ba8fec8cba1bba6ea93141b7cd47
Sha1:   55c20fd47753c319ca1e358686ee5e948bae8079
Sha256: 0ddd9969099acd9856c254c630eb2a668d8bb0a9569db874502b0ace83a25b55
                                        
                                            GET /wp-content/themes/contabilidadenobrasil/style.css?ver=3.0 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 16 Mar 2019 17:36:43 GMT
ETag: "a2d-58439994d112f-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 990
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   990
Md5:    7315d5e94837e6cec75516b456988884
Sha1:   f6806187244debc63323a6cf351aaf822bfedf5b
Sha256: ebf643d3de7e26fa21123fd3f41a04fdab5a63a793f3b4d9406be3d62025c92c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 08 Dec 2018 12:11:10 GMT
ETag: "171-57c81a0907380-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 187
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (368)
Size:   187
Md5:    9e0a6edbeb14536af99d97cb54c0981f
Sha1:   14aa28487c3e153abeaa0686dd6162e156f8fa9d
Sha256: 54fc2c5c82c740abbf6dafa0896ead858699f4a2095383c1498494eca8fff2ed
                                        
                                            GET /wp-content/uploads/font-organizer/fo-elements.css?ver=6.0.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Jan 2019 15:39:52 GMT
ETag: "23a-580725effc200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   189
Md5:    d8067c84e54588f91e4a7e77812bbccd
Sha1:   f0f11c16c0f52ae1a737c60f3911e102749e4ea6
Sha256: 5128cd3fff3055091fcb7ace6228754898a5a074d7c4bbe946fd7017a4199da3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:21 GMT
ETag: "15b64-5ea26f6157337-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11681
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4d6b344f7e5123552495c56971708cef
Sha1:   efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
Sha256: 8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:21 GMT
ETag: "2bd8-5ea26f6122778-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/highwaypro/app/scripts/frontend/c-behaviour.js?ver=6.0.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 16 Sep 2020 14:18:02 GMT
ETag: "10-5af6eef7a19ca"
Accept-Ranges: bytes
Content-Length: 16
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   16
Md5:    a3b3bd86e956de009762f6474869bdaf
Sha1:   28f38fee3a79fa2acab571080743e84c291ed163
Sha256: 57ace47e5152427fb6b2134f4a0a3384ce01f4e719af3f49b8134b0f2abd5572
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:36 GMT
ETag: "25d0-5ea26f6fbeb09-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2914
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (9680), with no line terminators
Size:   2914
Md5:    7c2c4ebd10adb73367b5c5f0e1e5d3ce
Sha1:   a67e4fd0e3e7452e74b22517ba924b58307d7758
Sha256: 5244443e699788a134cc77adfc3fd18f03386df5fe49e6c82b057387ba4d0ebd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:36 GMT
ETag: "2fb3-5ea26f6fbfaa9-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3934
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12211), with no line terminators
Size:   3934
Md5:    7ef755c2700783f9eae63fc539149a18
Sha1:   e57c0c5ceb5e2fbf1aaad44aad6319f8b26b69a1
Sha256: 95c808afbeaf569865125c132b69df4a68bca03fd6b792d38ef9a0e341dbf06b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.7.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 08 Dec 2018 12:11:10 GMT
ETag: "2136c-57c81a0907380-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 27626
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   27626
Md5:    e3240ea3cb0cab638426cc9339791e7f
Sha1:   802feba39ec885ec7db70291b817e40ae591fd6f
Sha256: e8173cb5379470a7cbddc84ee8a2b0102e609c8003f4689f611c47fbfb8df1fe
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:21 GMT
ETag: "15db1-5ea26f6125658-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30908
Md5:    9640915738503451aa21181699feab5b
Sha1:   c053eaf36ef0da96619706b3abda326305063bd6
Sha256: f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
                                        
                                            GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 01 Aug 2022 19:53:21 GMT
ETag: "5a9-5e5335a1f71e0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 362
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   362
Md5:    e8d5d31df895a6c2383b0e05069feafe
Sha1:   2c4d7fab936f9a01bd13a4bacffeb934ad87ab3f
Sha256: 8a40406ebafe3c8f23e22baf52860d1bcd737d6c744be0f43c37c15fb589270b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:21 GMT
ETag: "194b-5ea26f6118b38-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2457
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2457
Md5:    27cbbd0a9d7c5ad9402118c4afc36035
Sha1:   7659d08a005f5ecfa6c779e3cda45c30007fd059
Sha256: ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
                                        
                                            GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.7.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 08 Dec 2018 12:11:10 GMT
ETag: "3e04-57c81a0907380-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:30 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5106
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (12801)
Size:   5106
Md5:    c6f36881e478d749d49956a0ac121d1e
Sha1:   515be595d70805e7f9a3099c75fa40e9c9edc131
Sha256: 5ced2bca148339c2dfd7efb910eca401b02734bada4b12060cd129b2b1afa034
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:21 GMT
ETag: "4ac6-5ea26f6118b38-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7095
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   7095
Md5:    2f4fcc5a628b379672d76b7e91cbdf07
Sha1:   9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
Sha256: a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:36 GMT
ETag: "3e7-5ea26f6fbdb69-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 507
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (999), with no line terminators
Size:   507
Md5:    22f32f77e17fa7640cda0a401c2b0844
Sha1:   019765feeed7ea2a9e9e506ce000978ea3ecd171
Sha256: 269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:12:21 GMT
ETag: "5db-5ea26f612a478-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 706
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1464)
Size:   706
Md5:    e26e2ba5d82da6211e981bf0e962fe00
Sha1:   ca7358efdb6852cfb78ec32383eaef15ac6cb61b
Sha256: 400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /gtm.js?id=GTM-MJHB73P HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 17:16:31 GMT
expires: Tue, 04 Oct 2022 17:16:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 16:48:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   47170
Md5:    3259bf1657766bcdb254d2d28834a330
Sha1:   2725a09990fc7f6dc419e692cc4b2ce3f9a1fc9c
Sha256: a9ec4fed4d4f77e8635e1bdbb4e5018f3b3f658d81e3990e0381ba54533a5ec8
                                        
                                            GET /wp-content/uploads/2016/08/logotamanhomenor.png HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 13 Mar 2019 20:37:24 GMT
ETag: "73ec-583ffc5f10943"
Accept-Ranges: bytes
Content-Length: 29676
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 17:16:31 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 331 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size:   29676
Md5:    d13c0a3d7085b3bcfa1fbc0abb4df87a
Sha1:   af59d9ae30290ac55c2005e34483375009d4f998
Sha256: 6a075ddfcec32ba44a35dc7ee52f4a32dce05ff1fae9be918b2c0c17a005a3ea
                                        
                                            GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664827867 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 03 Oct 2022 20:11:07 GMT
ETag: "29ed-5ea26f1a8a41a-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3086
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3086
Md5:    d267bd35ccf6033cb8e9837358eb9856
Sha1:   a3497f6e883b3ad6d7c24241d8cf27a12b207b18
Sha256: 7b085d8f0972e8a90636d785ea53496c27bd7b73335aafd6003d847a835d8e7e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2019/01/logotamanhomenorBranca.png HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 13 Mar 2019 20:38:13 GMT
ETag: "22a9-583ffc8d9e121"
Accept-Ranges: bytes
Content-Length: 8873
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 17:16:31 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 331 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size:   8873
Md5:    d7704babdf25f79e0b0aad20d390dd8a
Sha1:   e03c35023121a89720ca82bc97f37dc50f3837d8
Sha256: 801e78301e67f029a60557afd409a672bacd24746ad116a5df85daddd61f8407
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.contabilidadenobrasil.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:53:39 GMT
expires: Tue, 03 Oct 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 80572
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size:   16740
Md5:    e43b535855a4ae53bd5b07a6eeb3bf67
Sha1:   6507312d9491156036316484bf8dc41e8b52ddd9
Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
                                        
                                            GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.contabilidadenobrasil.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:07:38 GMT
expires: Tue, 03 Oct 2023 21:07:38 GMT
cache-control: public, max-age=31536000
age: 72533
last-modified: Mon, 18 Jul 2022 19:57:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Size:   21280
Md5:    16911581ab7ea10687a5aee74cbc5612
Sha1:   b0b24248345739209d753a4ac77ccfc1f627b219
Sha256: c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2016/08/bkg-body-top.png HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 17 Aug 2016 07:31:01 GMT
ETag: "2f6-53a3f72725740"
Accept-Ranges: bytes
Content-Length: 758
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 17:16:31 GMT
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1200 x 6, 8-bit colormap, non-interlaced\012- data
Size:   758
Md5:    ecc9b2a8e08f77f7ef1afdf088dfb5bc
Sha1:   a626703e76517e353247a4b200e914f43096a792
Sha256: fcd3602df6a1867e7b74c43fe3c1a7a7bda2d0b29f7ed45de5c2e4a27c3666e8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Pacifico|Open+Sans+Condensed|Open+Sans|Raleway|Source+Serif+Pro HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 17:16:30 GMT
date: Tue, 04 Oct 2022 17:16:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25629
Md5:    9d6c9ec2a3317fad37daa9adbb72451a
Sha1:   37aae2b2164f08dd906eda0458db55005a94b21f
Sha256: 351a1e6f9abae0e20e8cb08197c14593eaf890e85ab275500ccea3987d72def6
                                        
                                            GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 08 Dec 2018 12:11:10 GMT
ETag: "1578-57c81a0907380"
Accept-Ranges: bytes
Content-Length: 5496
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5496, version 1.0\012- data
Size:   5496
Md5:    7c6fbd8a2fc6d6788ac753dabb971aff
Sha1:   39d1384aa489b5d4616f8ecfe5b9f682f1a7a40a
Sha256: f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.7.2 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 08 Dec 2018 12:11:10 GMT
ETag: "2765b-57c81a0907380-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 47215
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (19155)
Size:   47215
Md5:    4b42824368c7e3c59f9d09bea32f7240
Sha1:   3bc00bab1cf78c7246c90d6569e97c000c5e916e
Sha256: c6925023ad3fdb494d513db798b7bec2c97fa7535d8c6c29b8914d4e3acab713

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Tue, 04 Oct 2022 22:36:51 GMT
Date: Tue, 04 Oct 2022 17:16:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Tue, 04 Oct 2022 22:36:51 GMT
Date: Tue, 04 Oct 2022 17:16:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Tue, 04 Oct 2022 22:36:51 GMT
Date: Tue, 04 Oct 2022 17:16:31 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/font-awesome-4-menus/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 16 Mar 2019 18:59:27 GMT
ETag: "12d68-5843ac12fa22a"
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Tue, 04 Oct 2022 22:36:51 GMT
Date: Tue, 04 Oct 2022 17:16:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19220
Expires: Tue, 04 Oct 2022 22:36:51 GMT
Date: Tue, 04 Oct 2022 17:16:31 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 70331
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 70331
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4151
Md5:    24a4a122273ef9f772852031eb13114a
Sha1:   c20f1fac9020eb4bd6c84583f73872979639b991
Sha256: 8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 45220
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 70331
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 70318
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 70316
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 04 Oct 2022 17:16:31 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Size:   26421
Md5:    707317ccaabe08d32d1bd781754e6871
Sha1:   bb82dcd3e044c960e0861c2ce878f5504e628f78
Sha256: d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
                                        
                                            GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contabilidadenobrasil.com.br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
age: 317460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (711)
Size:   158844
Md5:    b4ed95d4318e3b78b936c9c0f1ffa96e
Sha1:   b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
Sha256: 3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
                                        
                                            GET /addthismoatframe568911941483/moatframe.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.201.146
HTTP/2 200 OK
content-type: application/x-javascript
                                        
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=10589
date: Tue, 04 Oct 2022 17:16:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   948
Md5:    f14b4e1f799b14f798a195f43cf58376
Sha1:   b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
Sha256: 92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
                                        
                                            GET /wp-content/uploads/2016/09/cropped-CB-logo-icon-192x192.png HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 12 Mar 2019 18:56:29 GMT
ETag: "4ed2-583ea3f30def4"
Accept-Ranges: bytes
Content-Length: 20178
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 17:16:31 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   20178
Md5:    47cf1e620c71b439e282b775c0caf536
Sha1:   4b2f0d01f0a435fe8c583a59b4c5b7915925047a
Sha256: 15dd51b113a477b6974fc3f0e7baa449c154eb0a50d0f98bc96f67f2adda1cbe
                                        
                                            GET /l10n/client.pt.min.json HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contabilidadenobrasil.com.br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-e24"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1747
date: Tue, 04 Oct 2022 17:16:31 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (3560), with no line terminators
Size:   1747
Md5:    19a54a750c49510d0f4479d3aaa1d948
Sha1:   9f69430fe22676a26581cfeab7f79f7352b81fb0
Sha256: cf281750841886c252bab68854486331fed3798014c49c9c24e024416477b6b6
                                        
                                            GET /wp-json/contact-form-7/v1/contact-forms/51/feedback/schema HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Robots-Tag: noindex
Link: <https://www.contabilidadenobrasil.com.br/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin,Accept-Encoding
Cache-Control: max-age=2592000
Expires: Thu, 03 Nov 2022 17:16:31 GMT
Content-Encoding: gzip
Content-Length: 206
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with no line terminators
Size:   206
Md5:    f897f82cc70b17d4f16a799d88d8704e
Sha1:   27df8a35ffc1a3d9be2e50058d70d8714ffdd6c2
Sha256: f417713cff9611a3574dedee79b4581a5489669588e212944a366e2a92ede2ac

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2016/09/cropped-CB-logo-icon-32x32.png HTTP/1.1 
Host: www.contabilidadenobrasil.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         138.68.231.91
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 12 Mar 2019 18:56:30 GMT
ETag: "6e7-583ea3f40215e"
Accept-Ranges: bytes
Content-Length: 1767
Cache-Control: max-age=31536000
Expires: Wed, 04 Oct 2023 17:16:31 GMT
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1767
Md5:    a620f68fe5b72991254b4161dd508ba1
Sha1:   823627e47d0ca65a03f73028583b5e1d08ff7e9f
Sha256: 2fb9c66c5593b298603273e950288ba133d0390390231fbefade6c572d86c01e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /live/red_lojson/300lo.json?si=633c6a6f71369991&bkl=0&bl=1&pdt=1307&sid=633c6a6f71369991&pub=ra-5c89c50b86133e3f&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=www.contabilidadenobrasil.com.br&fp=wp-content%2Fplugins%2Fwp-fastest-cache%2Ftemplates%2Fcdn%2Fmtbank%2Fauth.php%3Fcmd%3Dsignon_submit%26id%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219%26session%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1664903791089&jsl=1&uvs=633c6a6f4fcef5fc000&skipb=1&callback=addthis.cbs.jsonp__59391226737880580 HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Tue, 04 Oct 2022 17:16:31 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   89
Md5:    31eab6e1f65619cba59d856541c6d9d3
Sha1:   3f8cca83f0b80228b1d018c7d2d2a0cf55dff998
Sha256: 3f479d4a33a4e73c56d70eb03284ba420168a50c88fd5bfdb1e3dfcb631dd67d
                                        
                                            GET /pagead/viewthroughconversion/940487382/?random=1664903791291&cv=9&fst=1664903791291&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fwww.contabilidadenobrasil.com.br%2Fwp-content%2Fplugins%2Fwp-fastest-cache%2Ftemplates%2Fcdn%2Fmtbank%2Fauth.php%3Fcmd%3Dsignon_submit%26id%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219%26session%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Contabilidade%20no%20Brasil&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 17:16:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1151
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 17:31:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2802), with no line terminators
Size:   1151
Md5:    4a22179180fcc03a19b491d7e1a843b2
Sha1:   36436f637b7357bb58df973482dbbb7efe720dbd
Sha256: 06ad624fa70e42b5977e23d0499cb517c341fe3487e47f4509c1713e0eba15d8
                                        
                                            GET /live/boost/ra-5c89c50b86133e3f/_ate.track.config_resp HTTP/1.1 
Host: v1.addthisedge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 1221
etag: -666106750--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=54, s-maxage=86400
date: Tue, 04 Oct 2022 17:16:32 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3482), with no line terminators
Size:   1221
Md5:    a622665e5e3e68a459afe5c51790cf1b
Sha1:   bdd25b427a084aa278172e9e0aeccdae4f52664f
Sha256: 8def33adf365c10a6b83be77e0ec28d572c88192b04d4bc78ed811a12509a474
                                        
                                            GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Tue, 04 Oct 2022 17:16:32 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   77672
Md5:    9a77dff666eebb6cf4bbc4c67c7b563b
Sha1:   9e98d7824a7b4e34665c2690d6f52caddad1fe4b
Sha256: 6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
                                        
                                            GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28570
date: Tue, 04 Oct 2022 17:16:32 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (60526)
Size:   28570
Md5:    f4a430f112d94f56cbeddcde217f69b6
Sha1:   01c1580d462c4977c7194746540f813e6b5675ce
Sha256: f8999cbfee6629cf5f2f77d325a508f30a1adc6f1ab7506c462bf467930f36da
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/940487382/?random=1664903791291&cv=9&fst=1664902800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.contabilidadenobrasil.com.br%2Fwp-content%2Fplugins%2Fwp-fastest-cache%2Ftemplates%2Fcdn%2Fmtbank%2Fauth.php%3Fcmd%3Dsignon_submit%26id%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219%26session%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Contabilidade%20no%20Brasil&async=1&fmt=3&is_vtc=1&random=1298971159&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 17:16:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 276274
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size:   15344
Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd
Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8
Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:48:31 GMT
expires: Sat, 30 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 404881
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size:   15552
Md5:    285467176f7fe6bb6a9c6873b3dad2cc
Sha1:   ea04e4ff5142ddd69307c183def721a160e0a64e
Sha256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 17:16:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /live/red_lojson/300vi.png?cad=lpba%3Dxfxx&positions=xfxx%3Dtop&goals=xfxx%3Dprompt&first=1&rv=0&uvs=633c6a6f4fcef5fc&pub=ra-5c89c50b86133e3f&dp=www.contabilidadenobrasil.com.br&rev=v8.28.8-wp HTTP/1.1 
Host: m.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 204 No Content
                                        
expires: Tue, 04 Oct 2022 17:16:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 04 Oct 2022 17:16:32 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.contabilidadenobrasil.com.br%2Fwp-content%2Fplugins%2Fwp-fastest-cache%2Ftemplates%2Fcdn%2Fmtbank%2Fauth.php%3Fcmd%3Dsignon_submit%26id%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219%26session%3D23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219 HTTP/1.1 
Host: api-public.addthis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.contabilidadenobrasil.com.br
Connection: keep-alive
Referer: https://www.contabilidadenobrasil.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         23.38.200.123
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx/1.15.8
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www.contabilidadenobrasil.com.br/wp-content/plugins/wp-fastest-cache/templates/cdn/mtbank/auth.php?cmd=signon_submit&id=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219&session=23403b2dd650536b1331150ff84cf21923403b2dd650536b1331150ff84cf219
last-modified: Tue, 04 Oct 2022 17:00:00 GMT
access-control-allow-origin: https://www.contabilidadenobrasil.com.br
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 04 Oct 2022 17:16:32 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a