r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14780
Expires: Mon, 19 Sep 2022 00:03:43 GMT
Date: Sun, 18 Sep 2022 19:57:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GBVJaszS1zIGBqlcF9MOsLFcWAaMRsl4_69J2HS4N8lQNqq4NjEboA==
age: 55330
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 19:02:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A-Z0u-Kjx328ofwDeKU952voyGDsqYAv-Rg0zOg69qFbc1VxeNCaJA==
Age: 3266
sacoma-sao-paulo.brasil-empresas.com/
206.54.190.30301 Moved Permanently 707 B URL HTTP/1.1 sacoma-sao-paulo.brasil-empresas.com/
IP 206.54.190.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
location: https://sacoma-sao-paulo.brasil-empresas.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:57:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 19:03:22 GMT
Expires: Sun, 18 Sep 2022 19:07:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -8AStYCfm1oyFdsu42DP4J6B_fQpxJaZRxW4VbvRXPDJMJR2fmxRkA==
Age: 3241
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4999
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:23 GMT
Last-Modified: Sun, 18 Sep 2022 18:34:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/jsgrid/1.5.3/jsgrid.min.js
104.17.24.14200 OK 8.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jsgrid/1.5.3/jsgrid.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32065)
Hash 77b2102cfec02e7cdd6625660cd0def5
4cfc052d62457bcbea7959e26a164e1d51293809
9ae0cb0ad36d1ce1bf4f9335593dced662134775767bd9205ffafcbb0a6c8b68
GET /ajax/libs/jsgrid/1.5.3/jsgrid.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:57:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 8484
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec7-915b"
last-modified: Mon, 04 May 2020 16:11:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4574981
expires: Fri, 08 Sep 2023 19:57:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jg7NwcL7PUgBWm4tGorLlNtUGGKjt29hS9IAje2Nekag%2B4glhPZJtKaL9Rq2DqIMn69nljFLdJHOoLppG9J8E3KFqj45kq0Ymg%2F1RXfnMSGj9R6MVXU0Jo1%2FH2HIRYZwg6b6%2BsNk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74cca6803e220b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.optad360.io/items/d43302e7-fdd7-4ed2-b766-332ae2926ff2.min.js
54.230.111.24200 OK 497 B URL HTTP/2 cmp.optad360.io/items/d43302e7-fdd7-4ed2-b766-332ae2926ff2.min.js
IP 54.230.111.24:0
File type ASCII text, with very long lines (496)
Hash 7acdc116a0830ba0aef5e087010246ba
44c6d5659727be623750ef5da32c2da279997694
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
GET /items/d43302e7-fdd7-4ed2-b766-332ae2926ff2.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 497
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 00:24:42 GMT
etag: "7acdc116a0830ba0aef5e087010246ba"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wHQuHCt9U24owp8m6AUGJ7xMTRB2iUYVYHWL_JLM2xR2h28Ygs6u-A==
age: 70362
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sacoma-sao-paulo.brasil-empresas.com/static/css/libs/bootstrap_grid/bootstrap-grid.min.css
206.54.190.30200 OK 2.9 kB URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/css/libs/bootstrap_grid/bootstrap-grid.min.css
IP 206.54.190.30:0
File type ASCII text, with very long lines (33976), with CRLF line terminators
Hash e44332708c242d3c40be0d7d810af903
0edbea30e20ba5c6948f1d82cf6c613c1b4ac8c6
2d82b8b274362fc002fb98bf544f64c04225e6b9ba267905ae3427bd5cee3561
GET /static/css/libs/bootstrap_grid/bootstrap-grid.min.css HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 13 Apr 2019 17:23:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2885
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-146216250-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-146216250-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 2d7da49b9e981d827f5f0a946b84ff7a
1ad7289654946dd8ad34900d188b2b64c8df8d8c
5b29fc4ffc835d02285911a2780550f5b09184628b13bd7c8faf98d18114e3b3
GET /gtag/js?id=UA-146216250-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 19:57:23 GMT
expires: Sun, 18 Sep 2022 19:57:23 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0cbb09719e13b25ca75c63aa5f3fad37
2c7ee399373a9ed4cd7595072f982581efeac1c9
bd43eca6b24d73e8be74eee5c703145b172e0b786501982767b1b10c36280b2b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BD43ECA6B24D73E8BE74EEE5C703145B172E0B786501982767B1B10C36280B2B"
Last-Modified: Sat, 17 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17742
Expires: Mon, 19 Sep 2022 00:53:06 GMT
Date: Sun, 18 Sep 2022 19:57:24 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.35.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9MVt28k7Kf6T3fPY5XLwmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1z7sJfgUVg7jOkwT+ai905OOdLI=
sacoma-sao-paulo.brasil-empresas.com/static/css/main.css
206.54.190.30200 OK 31 kB URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/css/main.css
IP 206.54.190.30:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash a94ab15454bf0ecdfbcb6ee4b0f05906
3f9fdb2e86ebee64a8004381466ebad528a3ecca
bdea14cb5b69e480a5b912d2f3cbc3ee5ce7e954f5af8a3cb3d50aa07426396d
GET /static/css/main.css HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 04 Sep 2019 11:46:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30797
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/static/css/libs/owl_carousel/owl.carousel.min.css
206.54.190.30200 OK 917 B URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/css/libs/owl_carousel/owl.carousel.min.css
IP 206.54.190.30:0
File type ASCII text, with very long lines (3184), with CRLF line terminators
Hash e3f0aef7add53313c6febb571414991e
b7d70fcfab3167639d629057b31d1940377c9426
2693043e796301079c73b182544db670a87505a541bca51b2c1a10f95bd9a0c0
GET /static/css/libs/owl_carousel/owl.carousel.min.css HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 13 Apr 2019 17:23:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 917
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/static/css/libs/malihu/jquery.mCustomScrollbar.min.css
206.54.190.30200 OK 3.8 kB URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/css/libs/malihu/jquery.mCustomScrollbar.min.css
IP 206.54.190.30:0
File type ASCII text, with very long lines (42839), with no line terminators
Hash 0f2a1830a2eb3452fe698134828443d4
4d04d53d82c38785c13e1aa7cf012cb9dbf3db28
a037316b9cce9cab96056fd1797693e625fda9cfcd5337f5412b9aa8b6aae3ad
GET /static/css/libs/malihu/jquery.mCustomScrollbar.min.css HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 13 Apr 2019 17:23:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3806
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3beb4dc8e3cd16af7dfdc1db373e36d
d211139ab9f9e5127dc649b2ebcdfa2436a6ab68
d6d4b4bdb6c44fe0ed76465ef671ae0879bf8893f73842dca27ca1fb9a5b6e51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6D4B4BDB6C44FE0ED76465EF671AE0879BF8893F73842DCA27CA1FB9A5B6E51"
Last-Modified: Fri, 16 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10525
Expires: Sun, 18 Sep 2022 22:52:49 GMT
Date: Sun, 18 Sep 2022 19:57:24 GMT
Connection: keep-alive
informer.ex-currency.com/vertical-rates.js
172.67.150.204200 OK 1.0 kB URL HTTP/2 informer.ex-currency.com/vertical-rates.js
IP 172.67.150.204:0
Hash ee1ce34ea4f7d149c185817f8b86f8c6
c21227ff3bd5249b83ea272fd04c5897031cbef8
8d2f5bfe1597ef0468a80ab12d05fd1d2982864637fbce2a8ad0d9f3d9304f0a
GET /vertical-rates.js HTTP/1.1
Host: informer.ex-currency.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:57:24 GMT
content-type: application/javascript
last-modified: Mon, 07 Feb 2022 05:19:27 GMT
vary: Accept-Encoding
etag: W/"6200abdf-e1d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlrRDuFGgDXmZQiUFhBzy%2FbR1B8rNgtNX7kuvkxSlW%2Fk%2Fe5ZXVPIb%2BK4mNQrX89acj4xe%2BjxZrBQ38gL7VBWzbtdon9BRM0%2FgpNHA0MXDaaAfIWoWbTfmR7d%2F%2BAWBEomBHLkK07QBTKsnbQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cca6817d0fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/static/js/jquery.js
206.54.190.30200 OK 30 kB URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/js/jquery.js
IP 206.54.190.30:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash b4ea91b82034d3d6d975712383961c52
834490b924a2eb9d457c8e7e7505eda6a220c7f9
32a1d2b33bd963e901916c42be28186835e057638e81cc645ecb344ef605e249
Analyzer Verdict Alert fortinet Phishing
GET /static/js/jquery.js HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 13 Apr 2019 17:23:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29665
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/static/js/libs/svguse/svguse.js
206.54.190.30200 OK 1.1 kB URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/js/libs/svguse/svguse.js
IP 206.54.190.30:0
File type ASCII text, with very long lines (522), with CRLF line terminators
Hash defe228d75484c159721146328b212a2
80ce40afa07cd4786b441f77fc82c3e229b0541e
973ae7186810edcf8517e18161bd231efc37c8fae8d4fb82d54b0ee9db410921
Analyzer Verdict Alert fortinet Phishing
GET /static/js/libs/svguse/svguse.js HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 13 Apr 2019 17:23:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1120
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/static/js/main.js
206.54.190.30200 OK 1.9 kB URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/js/main.js
IP 206.54.190.30:0
File type Unicode text, UTF-8 text, with very long lines (9807), with no line terminators
Hash 5a739e64f79e01769e2669e46aa4da4c
ba74ca12618c095937314ba62d7085d105f1c6f7
01a27d054663a109e7376b320de27661ae4768ad6313ea2975aa871a4582dc77
Analyzer Verdict Alert fortinet Phishing
GET /static/js/main.js HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 06 Jul 2019 14:23:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1899
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/static/js/libs/malihu/jquery.mCustomScrollbar.js
206.54.190.30200 OK 22 kB URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/js/libs/malihu/jquery.mCustomScrollbar.js
IP 206.54.190.30:0
File type ASCII text, with very long lines (732), with CRLF line terminators
Hash 755451484cd2f3122d8fd4e51cb4fcd7
8950f836ce2e5dc0b5b70a37432f2cff15db2a70
98021da533480087012adfa609c5f24527b43d52a100eea7c94a550e5e00aeeb
Analyzer Verdict Alert fortinet Phishing
GET /static/js/libs/malihu/jquery.mCustomScrollbar.js HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 13 Apr 2019 17:23:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21502
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ingmar.club/code/gzsgkmzvme5ha3ddf42dsma
185.177.92.29200 OK 319 B URL HTTP/2 ingmar.club/code/gzsgkmzvme5ha3ddf42dsma
IP 185.177.92.29:0
ASN #39572 DataWeb Global Group B.V.
Hash 6d014b7387fbf5f2f3139168d54ceecb
42e89806b8cc66c73df2573cfed042cc34038aff
f87546932d12aacbfc74ec801d121cedb60f9b5e7a58e77843ce3c5f071ba2c0
GET /code/gzsgkmzvme5ha3ddf42dsma HTTP/1.1
Host: ingmar.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:57:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ad03c102-9ecb-4157-b635-6ad698413c37; expires=Tue, 18-Oct-2022 19:57:24 GMT; Max-Age=2592000; path=/; SameSite=None; domain=ingmar.club; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
get.optad360.io/sf/prebid7.4.0.js
143.204.55.44200 OK 501 kB URL HTTP/2 get.optad360.io/sf/prebid7.4.0.js
IP 143.204.55.44:0
File type ASCII text, with very long lines (64501)
Size 501 kB (501067 bytes)
Hash a0bddabb480a5fb345c76e9ee90ca693
3e64dbc47434baad48c68bc2ae56becad37258f3
974e273832eda34a4be17276099fc4b24df1c01ce07fcd52e89d8a023dd1c4f0
GET /sf/prebid7.4.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 501067
date: Wed, 07 Sep 2022 08:32:00 GMT
last-modified: Tue, 05 Jul 2022 07:01:35 GMT
etag: "a0bddabb480a5fb345c76e9ee90ca693"
cache-control: public, max-age=360000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A86ee4xEGJWV9gT4_2O9ZNJYMEjUpYRA2tdHdSKx70cb8weRP93h0A==
age: 991525
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220918
151.101.85.229200 OK 882 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220918
IP 151.101.85.229:0
File type JSON data\012- , ASCII text, with very long lines (1643), with no line terminators
Hash 1d5c5f62227a7de1be8df90934a87dfe
58181ddb7d1627b7237e4d0f34679743a5f6e9b9
7f5db030d52d530338bcfb9608cfd4f75219863329e8242458836f3c1116aef2
GET /gh/prebid/currency-file@1/latest.json?date=20220918 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1467
x-jsd-version-type: version
etag: W/"66b-KAs66ongVjlHiLXckfTg9ZSlJnw"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Sep 2022 19:57:24 GMT
age: 17787
x-served-by: cache-fra19135-FRA, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 882
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 150a744c8ac2c6539ce44d7a225c8c9b
51a42a264d27e7e5ba954c74fbf186398b1c3f7f
fd5ae2b04fd7f175efd535d25fd2d229589411e9fb9a8fe453cb15966b2c1153
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:57:24 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3C37DA0992789396AA2443CF6853A3AE26FC5A84"
Expires: Mon, 19 Sep 2022 07:00:00 GMT
Last-Modified: Sun, 18 Sep 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1271
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cca6860a4e1bfe-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4aac494b564a412953b0a5dcb82b58f7
59e47b7f18f7a96881bc501813f564059af05a7e
7239cf9f971a455bb50681d1781bcf5c0eab03064bfdf7dc58218d3032528563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7239CF9F971A455BB50681D1781BCF5C0EAB03064BFDF7DC58218D3032528563"
Last-Modified: Sun, 18 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8750
Expires: Sun, 18 Sep 2022 22:23:14 GMT
Date: Sun, 18 Sep 2022 19:57:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7e0e3e37ef92be3b25f8a449a611a14b
d3310c857ddade7702eec1b7778b4dd4add46e29
7b204dbe86bee5a5c378ce3e453b9502fae5c30216ee407b9214d5e3a43608fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 960
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:24 GMT
Last-Modified: Sun, 18 Sep 2022 19:41:24 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
147.75.85.234204 No Content 1.6 kB IP 147.75.85.234:0
Hash 98b341b25ecd08541512bd38a1ee0fb2
7fb3bb1651243d50f762c35dab9187112f76104d
1b6de76d2aa36a4f715ed570ccacdc70997c609208576303a26b72049b937e84
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 868
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
cache-control: max-age=0, private, must-revalidate
date: Sun, 18 Sep 2022 19:57:24 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 3
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 715
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 18 Sep 2022 19:57:24 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?cs=true&bdver=5.6&pbver=7.4.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 914
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 18 Sep 2022 19:57:24 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
uber-trace-id: 0000000000000000f976eafb1668e267:94e38b9bcff7f849:0:0
vary: Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 18 Sep 2022 18:41:12 GMT
expires: Sun, 18 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4573
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2903)
Hash a031b6d4845010e525d11978648f2726
e8d0f9bf9947df2b83f2d09a36931b50baabe77d
6736924e0e262f0d2d2ccd64c62fd2b5f570d0b5c46be35120d71304bbc63ed1
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sun, 18 Sep 2022 19:57:25 GMT
expires: Sun, 18 Sep 2022 19:57:25 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11876649078808454877
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=388665924&t=pageview&_s=1&dl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&ul=en-us&de=UTF-8&dt=Empresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1462585545&gjid=170341203&cid=960940793.1663531026&tid=UA-146216250-1&_gid=614773561.1663531026&_r=1>m=2ou9e0&z=1113718288
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=388665924&t=pageview&_s=1&dl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&ul=en-us&de=UTF-8&dt=Empresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1462585545&gjid=170341203&cid=960940793.1663531026&tid=UA-146216250-1&_gid=614773561.1663531026&_r=1>m=2ou9e0&z=1113718288
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=388665924&t=pageview&_s=1&dl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&ul=en-us&de=UTF-8&dt=Empresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1462585545&gjid=170341203&cid=960940793.1663531026&tid=UA-146216250-1&_gid=614773561.1663531026&_r=1>m=2ou9e0&z=1113718288 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
date: Sun, 18 Sep 2022 19:57:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 9eb577e4151ad11356aadc022740518a
08f095da8697ec31b320cc472f73cf00c56e01c1
ba3ff00cf6f4f1cf7414485632fe39680393b7d6035b298e227540125fc7256c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:57:25 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 22 Sep 2022 18:33:51 GMT
ETag: "08f095da8697ec31b320cc472f73cf00c56e01c1"
Last-Modified: Sun, 18 Sep 2022 18:33:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2207
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cca6883d211bfe-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3675
Expires: Sun, 18 Sep 2022 20:58:40 GMT
Date: Sun, 18 Sep 2022 19:57:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3675
Expires: Sun, 18 Sep 2022 20:58:40 GMT
Date: Sun, 18 Sep 2022 19:57:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3675
Expires: Sun, 18 Sep 2022 20:58:40 GMT
Date: Sun, 18 Sep 2022 19:57:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 50900
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 45670
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4-H_LbXRjS1PJkVz9OIhwsaPfu8ZlL98zTZG--hdmij9Tc6KtmNSFQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:51:29 GMT
age: 79556
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JKenU-KwXFVEu-tZnc_yoDis5Lt-2tY0RcjH7ZT592hqp0tIUF25Lg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
age: 79704
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 44352
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2e5759fd404a039955868b121bbd075
04fb3179255ba5ec897ffc4581966945cc9fe2ca
42623d1a0f52682db915b075a894d8cd18f2b53efc7815304b0304841536cf35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8005
x-amzn-requestid: 2ce67f7f-9a03-4f4d-b06c-ec0de59c2854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KhH9PoAMFh2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-6aeeee3217540c5863913912;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hHE8PD-PBif2YjztVe4A08wILChFqRvVUrJD-XScWKENd8X0_jornw==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:11:46 GMT
age: 78339
etag: "04fb3179255ba5ec897ffc4581966945cc9fe2ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5cd63cb6d6ee0c229d42c30cea96385b
39b42291f5264020f2bb6f40bff517618aae0bcd
078d712d379fb57dce7db2075f83a1f4c65571e520f2cdbeccac3ddc008b05a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 846cbf15e676b7aa9477514a183675a5
a4d9089b67555c61684a7d0b9b58668a34a16c7c
bb8e766ec5696ec9fc878a7db1496cc5fc07ef046ce53092182c0fc98c927ecc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 034d4604beaddff5783b9878fadfaee6
64d5e1e0dbbbd62d6a64349dd964763b7ab4cbea
f8a957ee3468693f465da61d899438a2b674369b80c9d5c9ffff1111a7091290
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 71985
date: Sun, 18 Sep 2022 19:57:25 GMT
access-control-allow-origin: *
etag: "6323e622-11931"
expires: Sun, 18 Sep 2022 20:57:25 GMT
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sacoma-sao-paulo.brasil-empresas.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sacoma-sao-paulo.brasil-empresas.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sacoma-sao-paulo.brasil-empresas.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 18 Sep 2022 19:57:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=sacoma-sao-paulo.brasil-empresas.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sacoma-sao-paulo.brasil-empresas.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sacoma-sao-paulo.brasil-empresas.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 18 Sep 2022 19:57:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 846cbf15e676b7aa9477514a183675a5
a4d9089b67555c61684a7d0b9b58668a34a16c7c
bb8e766ec5696ec9fc878a7db1496cc5fc07ef046ce53092182c0fc98c927ecc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bbffed41e8f6975543c877a13721a920
85ab4873350ec87f5fd433af089483e9c2c67267
46ffd2e1a6b3933e631cfff493fba95bec05e1fe9611562c180ebd63b4302d29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Sep 2022 19:57:25 GMT
access-control-allow-origin: *
etag: "6323e622-2b"
expires: Sun, 18 Sep 2022 20:57:25 GMT
accept-ranges: bytes
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.mapbox.com/styles/v1/mapbox/streets-v10/static/-46.5952519,-23.6198294,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg
54.230.216.182200 OK 15 kB URL HTTP/1.1 api.mapbox.com/styles/v1/mapbox/streets-v10/static/-46.5952519,-23.6198294,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg
IP 54.230.216.182:0
File type PNG image data, 374 x 210, 8-bit colormap, non-interlaced\012- data
Hash 0edb1d73e64445fce0512ab5db1060fb
8826fa32745be69b1c799473a8f24f57952a4868
d2b4ce63bce284cfd18047d75852dcb7d0a5487d9d6c7ed3a94e09da958554b8
GET /styles/v1/mapbox/streets-v10/static/-46.5952519,-23.6198294,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 14745
Connection: keep-alive
Date: Sun, 18 Sep 2022 13:22:21 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=43200,s-maxage=43200
X-Rate-Limit-Limit: 1250
X-Rate-Limit-Interval: 60
ETag: "fbe1cf4fd73d91d39020c69131565e644826aba07c22f68a1e778696795eece0"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bAdxviwlQBDQ3DAWeumlSk_8LFZR-qvoC4wgUkSl88VCAKF4xtsyNA==
Age: 23704
api.mapbox.com/styles/v1/mapbox/streets-v10/static/-46.6019567,-23.6171329,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg
54.230.216.182200 OK 16 kB URL HTTP/1.1 api.mapbox.com/styles/v1/mapbox/streets-v10/static/-46.6019567,-23.6171329,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg
IP 54.230.216.182:0
File type PNG image data, 374 x 210, 8-bit colormap, non-interlaced\012- data
Hash 1f3e85e35053c708f9100f4cfe4064a3
5244e08b970641fad624d35d2659c50feeef5d8f
82cb07a434028745a90e710540d7093d6805e96a9941af226a55feb1d53619f8
GET /styles/v1/mapbox/streets-v10/static/-46.6019567,-23.6171329,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 15716
Connection: keep-alive
Date: Sun, 18 Sep 2022 13:22:21 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=43200,s-maxage=43200
X-Rate-Limit-Limit: 1250
X-Rate-Limit-Interval: 60
ETag: "891047acfb6c125bc74e33642865e3436936c08ff35b354432cac0ffe88c3a7d"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0SROUOq7jL77F8WdsMDrUbuGveFfwdj-iGUq6gkf2imCSXL1PMd-mA==
Age: 23704
api.mapbox.com/styles/v1/mapbox/streets-v10/static/-46.5963085,-23.6473233,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg
54.230.216.182200 OK 17 kB URL HTTP/1.1 api.mapbox.com/styles/v1/mapbox/streets-v10/static/-46.5963085,-23.6473233,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg
IP 54.230.216.182:0
File type PNG image data, 374 x 210, 8-bit colormap, non-interlaced\012- data
Hash 59a7f52bc22c077b4f9bce83ec68f0e6
527d58a6a900d69368cfdf4e9bc7422e6a84defd
0179d6f8715cfddc301828e0358c478c196b88b368ea7949abae5eb537bcb14d
GET /styles/v1/mapbox/streets-v10/static/-46.5963085,-23.6473233,15.0,0,0/374x210?access_token=pk.eyJ1IjoiMjdmaXJtc3Ryb255IiwiYSI6ImNsNDg0dDN1MTBvemEzbm1zMzl3amdiZ3gifQ.RTSHjSW-8annNGIlxul8rg HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 17124
Connection: keep-alive
Date: Sun, 18 Sep 2022 13:22:21 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=43200,s-maxage=43200
X-Rate-Limit-Limit: 1250
X-Rate-Limit-Interval: 60
ETag: "12b57c93e16b9c8139e69815e4cc30f2fb0dbb85845046e9186253fc84e14dba"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kGJulXFNkz_Aa6lseQpVheF6qPFw4PWytvKXO1gUF07dNsTNzwfr7Q==
Age: 23704
5a2b1a88bb5c427e67abc227507af9c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65200 OK 3.1 kB URL HTTP/2 5a2b1a88bb5c427e67abc227507af9c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: 5a2b1a88bb5c427e67abc227507af9c8.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 18 Sep 2022 19:57:25 GMT
expires: Mon, 18 Sep 2023 19:57:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/55024114/1?wmode=7&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1350%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A506026955268%3Ahid%3A1047355881%3Az%3A0%3Ai%3A20220918195706%3Aet%3A1663531027%3Ac%3A1%3Arn%3A45680505%3Arqn%3A1%3Au%3A1663531027323607733%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663531024411%3Ads%3A1%2C259%2C228%2C0%2C280%2C0%2C%2C562%2C3%2C%2C%2C%2C1347%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663531027%3At%3AEmpresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/55024114/1?wmode=7&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1350%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A506026955268%3Ahid%3A1047355881%3Az%3A0%3Ai%3A20220918195706%3Aet%3A1663531027%3Ac%3A1%3Arn%3A45680505%3Arqn%3A1%3Au%3A1663531027323607733%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663531024411%3Ads%3A1%2C259%2C228%2C0%2C280%2C0%2C%2C562%2C3%2C%2C%2C%2C1347%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663531027%3At%3AEmpresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 47dce5913337a4af9a30ecee9808329d
27876041875374a6d8e791c16872703934aa770d
374af70a85d7517272618eaaaa9918ddb27c0c58da0354d0f79acb5b665402ef
GET /watch/55024114/1?wmode=7&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1350%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A506026955268%3Ahid%3A1047355881%3Az%3A0%3Ai%3A20220918195706%3Aet%3A1663531027%3Ac%3A1%3Arn%3A45680505%3Arqn%3A1%3Au%3A1663531027323607733%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663531024411%3Ads%3A1%2C259%2C228%2C0%2C280%2C0%2C%2C562%2C3%2C%2C%2C%2C1347%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663531027%3At%3AEmpresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sun, 18 Sep 2022 19:57:25 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:25 GMT
last-modified: Sun, 18-Sep-2022 19:57:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eed36599724b02c61736ef5cebf3040b
aaa01755f0e96615159e0880b9d2e9c7dbe54a0c
017e0bc6c0ca49c88b0e21e1bf3be45c4c83974dc4ba5d90b6057310a5ff8fce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ad98157c7e1e3f4554e5bed34d505fc5
3e95df6e64b1e53c7dcd1764726e3fed1fb2cb9a
a14b3392817936364c7bb36d3b67031fae5164e607a7fb434e60c3381690cb67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1624)
Hash 85a90b8e0126b27c0822c49645a463df
45792c551fabfa14db90396c2c34337929011a3b
13fe815828a5dc11870c98db4957f2f59aaf7e0eaec4028d3d88fb4b6e82588e
GET /pagead/js/r20220914/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9550
x-xss-protection: 0
date: Sun, 18 Sep 2022 19:54:36 GMT
expires: Sun, 02 Oct 2022 19:54:36 GMT
cache-control: public, max-age=1209600
etag: 715955199520789971
content-type: text/javascript; charset=UTF-8
age: 170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash c6ef0dcf21169e17aaffa059d38c2d49
2be7fa5127d37589157427293c2acededdbc009c
a2734b2074e51f52a7e9c604170acd71b311146d99d1640192f015f070b7df7f
GET /pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7552
x-xss-protection: 0
date: Sun, 18 Sep 2022 19:55:52 GMT
expires: Sun, 02 Oct 2022 19:55:52 GMT
cache-control: public, max-age=1209600
etag: 1588701280721430806
content-type: text/javascript; charset=UTF-8
age: 94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
IP 142.250.74.10:0
Hash 8d9e5a672a406680cc12aead198fe117
17a24a29a16ad4bef584a87a4cfad0a764715635
27548e4024e2713c317b572d9afe198b818342d1c7aee72f95fd939f6dbefee5
GET /css?family=Roboto%3A300%2C400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 19:57:26 GMT
date: Sun, 18 Sep 2022 19:57:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.163200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.163:0
File type C++ source, ASCII text, with very long lines (2944)
Hash c8c0ce1b17f6ed0900bf0ae22a83a7ea
fdf1512f0cf46ec029f0c546cc8297a078ce11b8
bd37705e6c661c46d6d2a2576f10c6640cf06c4b2d122e8feedceeb5a65b3832
GET /mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 13694
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 01:34:37 GMT
expires: Thu, 15 Dec 2022 01:34:37 GMT
cache-control: public, max-age=7776000
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
content-type: text/javascript
age: 238969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaRfr-8AUL00VzQCm9edpq4ZWNy_Ur_7da6QtHxGcgfblbREgybu0jp2yz5Y616-JIZPW_yiVZ3GS2WEHKrIx70wQTCu5Q
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaRfr-8AUL00VzQCm9edpq4ZWNy_Ur_7da6QtHxGcgfblbREgybu0jp2yz5Y616-JIZPW_yiVZ3GS2WEHKrIx70wQTCu5Q
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaRfr-8AUL00VzQCm9edpq4ZWNy_Ur_7da6QtHxGcgfblbREgybu0jp2yz5Y616-JIZPW_yiVZ3GS2WEHKrIx70wQTCu5Q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 18 Sep 2022 19:57:26 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:21 GMT
expires: Thu, 14 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 346985
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 346998
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 346998
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.1 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash fbf2215e2a141a16ff6cc3126a01f35d
ac2f9cd141c6351a59802b08491568aaef543729
6be58d5d30e7064b6c962873b64c9c74b4da63b6ad8b0f9ea0d31522ebda9b95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
216.58.211.6200 OK 60 kB URL HTTP/2 s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (2322)
Hash 36b0ba015b3250f6bda9e89b898f4707
635c67d8b08f40705e87e9c81cb138aef9c2ecdb
c70af3ba570296102947920e68bfe252d08de33b0464a910dd8e5d3ac58410f3
GET /879366/html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://5a2b1a88bb5c427e67abc227507af9c8.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://5a2b1a88bb5c427e67abc227507af9c8.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 60311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 10:30:23 GMT
expires: Mon, 19 Sep 2022 10:30:23 GMT
cache-control: public, max-age=86400
age: 34023
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 921e8a0262005f8ee573fb2b42c1986c
5c75e821cce7f52205386b7264feb86f23eae952
203db2e39e95498c9336df6b8e2814d67a6228aa8531d8b53d3d781878e3d3b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuL5OIjmuXEG3f8vGe8q4MjCRBO4agdZJ2AwID12xos-WM6ff40IzLu6CQERzZbZQKGRzp-r8ZeTxbCyeYIpsMBDqbQA8q79Qt-aaGpxwGlLGv-v6K5s7T4DTvUkmOwEIfs27yXKfpK9MgY3Cpj2Ghk1fmyfAWbAWBhegYPQZ0Tm8VU9ioyLz34fgwDoXvE06bMZYK7UCiSxRwUlZHreiPI7vth1b8exJ2Pz5f_vlDMCUWhkvoSe4eE5kON_6Na32KcM255oQxvhMwBVqApifv-PYJsg3prcvzmD_MyyEpArXZjGXpHGywDKiTKpsAJY3PL9G9eOgB7zz4mn2xj7s-g-4P1Pohv7GqN0J9NNlEYei3yPkNo3_uXit7UkFqa10C6hdAAZ2TDupH4nroELKRoITWV8WoHZQeKkztrUtE3BkVAzyxFim9szFCzUyleVc9pUEZmtvnX6Eac7hNnAP_MchS_AnDPBaWjnxdY1LesqT0FjCRFFX5298LpkXMSSFIEjkvyMxWxCobMHJWhrDALPR81Jv65RS-jzn2Z0o3g6sW6pVxaNMM3yp6XAjwyUnVDFXxKvjXUW6KUXLkjZWqfC-yynT5gFXFj9fKNAG7ccyUpVqxQNmMdQH0qTeg1KC9EyMzW6MJmWS3LzgGEo-OnUZqZUS-lTHh-Qv2Hc70NxWxCiv7FEN8zEr0w4HZoLGuAMudOUTsi2PDpVs2XpjYLpkyr5O0dYxzduUQ5_3gcByyMDoD-Eac3qAcQXmITYW-Z8yoS5GUtik7DO6GxuN-OFTkYGeSmxu-wod7emoSMhOHN2KHtp-g9vw05Xk6z1v4XGxTteiy9MuJPlsFXXKzxDe0_zoNVidABqRs3YiqgXcF8is4K0ehQ3KKQzw-hfPNRZN4WUJcRjsIZOhvEwZHiAPKC373DYzkJ1AHc4zxU-leWy2VorMu1gRb7aA4BZULgPhIFKmSatJlZ-QmyCA5oiDi9Y1-qpEMvZXKNtqQExPfuok_TkWHXLSa1IdcbkHc04QMinfNNUbMWzPwopBGyTDJnjM_cpzHWiDkMTXIx6fG319zg3iMSk6D0vv1LaDZyukoK3nBd1E3lSDWNLVjS_oopChq5R_aIAbtNfLv8_nq6gDpyaZGoYq98fli7jbkFY5vfCpRYXEtIXUfIihKWrSyaW5v83_8C0FdfNpyay9LSDqyjgPMAH8Owh56dbbThDEnNxCjNmGrniW1rIJ6_lSm4SrCcqwm8fiAPGKLqh2GwaLrj8jny86f6BNZ9TmDbaAK150D0j2J7VsPDiY0aBwUuowdo6XmAXX6x9ZWhSR1IOz9zej_96WY_DALV2lAWqWdGJYh5oz0-UFsPuZRfSvb0m-lhE_IwxxGXMyQ&sai=AMfl-YRT5QuByAe6tg6X1izpv7TDnMNgfdMx8aVyT34z_5YNgswiw4Ne8Tm3Du9jJ41rpVebRnFH46UgT21427EAOR1-NQrsieWJc91SWkg1-3EU9hL_rBBy1HFWLi7FM5Qan5OMbTSqlAjM2ZV2ATGfTLkR7gCjI1GS5yr5MmOUnfSp9kztkRbNolvIOeJfixmYFuusnj1kQBmoJrCpwGIiB41Cmub8Z-s&sig=Cg0ArKJSzHTZEr4tw3vkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=179&cisv=r20220914.99161&adurl=
142.250.74.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuL5OIjmuXEG3f8vGe8q4MjCRBO4agdZJ2AwID12xos-WM6ff40IzLu6CQERzZbZQKGRzp-r8ZeTxbCyeYIpsMBDqbQA8q79Qt-aaGpxwGlLGv-v6K5s7T4DTvUkmOwEIfs27yXKfpK9MgY3Cpj2Ghk1fmyfAWbAWBhegYPQZ0Tm8VU9ioyLz34fgwDoXvE06bMZYK7UCiSxRwUlZHreiPI7vth1b8exJ2Pz5f_vlDMCUWhkvoSe4eE5kON_6Na32KcM255oQxvhMwBVqApifv-PYJsg3prcvzmD_MyyEpArXZjGXpHGywDKiTKpsAJY3PL9G9eOgB7zz4mn2xj7s-g-4P1Pohv7GqN0J9NNlEYei3yPkNo3_uXit7UkFqa10C6hdAAZ2TDupH4nroELKRoITWV8WoHZQeKkztrUtE3BkVAzyxFim9szFCzUyleVc9pUEZmtvnX6Eac7hNnAP_MchS_AnDPBaWjnxdY1LesqT0FjCRFFX5298LpkXMSSFIEjkvyMxWxCobMHJWhrDALPR81Jv65RS-jzn2Z0o3g6sW6pVxaNMM3yp6XAjwyUnVDFXxKvjXUW6KUXLkjZWqfC-yynT5gFXFj9fKNAG7ccyUpVqxQNmMdQH0qTeg1KC9EyMzW6MJmWS3LzgGEo-OnUZqZUS-lTHh-Qv2Hc70NxWxCiv7FEN8zEr0w4HZoLGuAMudOUTsi2PDpVs2XpjYLpkyr5O0dYxzduUQ5_3gcByyMDoD-Eac3qAcQXmITYW-Z8yoS5GUtik7DO6GxuN-OFTkYGeSmxu-wod7emoSMhOHN2KHtp-g9vw05Xk6z1v4XGxTteiy9MuJPlsFXXKzxDe0_zoNVidABqRs3YiqgXcF8is4K0ehQ3KKQzw-hfPNRZN4WUJcRjsIZOhvEwZHiAPKC373DYzkJ1AHc4zxU-leWy2VorMu1gRb7aA4BZULgPhIFKmSatJlZ-QmyCA5oiDi9Y1-qpEMvZXKNtqQExPfuok_TkWHXLSa1IdcbkHc04QMinfNNUbMWzPwopBGyTDJnjM_cpzHWiDkMTXIx6fG319zg3iMSk6D0vv1LaDZyukoK3nBd1E3lSDWNLVjS_oopChq5R_aIAbtNfLv8_nq6gDpyaZGoYq98fli7jbkFY5vfCpRYXEtIXUfIihKWrSyaW5v83_8C0FdfNpyay9LSDqyjgPMAH8Owh56dbbThDEnNxCjNmGrniW1rIJ6_lSm4SrCcqwm8fiAPGKLqh2GwaLrj8jny86f6BNZ9TmDbaAK150D0j2J7VsPDiY0aBwUuowdo6XmAXX6x9ZWhSR1IOz9zej_96WY_DALV2lAWqWdGJYh5oz0-UFsPuZRfSvb0m-lhE_IwxxGXMyQ&sai=AMfl-YRT5QuByAe6tg6X1izpv7TDnMNgfdMx8aVyT34z_5YNgswiw4Ne8Tm3Du9jJ41rpVebRnFH46UgT21427EAOR1-NQrsieWJc91SWkg1-3EU9hL_rBBy1HFWLi7FM5Qan5OMbTSqlAjM2ZV2ATGfTLkR7gCjI1GS5yr5MmOUnfSp9kztkRbNolvIOeJfixmYFuusnj1kQBmoJrCpwGIiB41Cmub8Z-s&sig=Cg0ArKJSzHTZEr4tw3vkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=179&cisv=r20220914.99161&adurl=
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuL5OIjmuXEG3f8vGe8q4MjCRBO4agdZJ2AwID12xos-WM6ff40IzLu6CQERzZbZQKGRzp-r8ZeTxbCyeYIpsMBDqbQA8q79Qt-aaGpxwGlLGv-v6K5s7T4DTvUkmOwEIfs27yXKfpK9MgY3Cpj2Ghk1fmyfAWbAWBhegYPQZ0Tm8VU9ioyLz34fgwDoXvE06bMZYK7UCiSxRwUlZHreiPI7vth1b8exJ2Pz5f_vlDMCUWhkvoSe4eE5kON_6Na32KcM255oQxvhMwBVqApifv-PYJsg3prcvzmD_MyyEpArXZjGXpHGywDKiTKpsAJY3PL9G9eOgB7zz4mn2xj7s-g-4P1Pohv7GqN0J9NNlEYei3yPkNo3_uXit7UkFqa10C6hdAAZ2TDupH4nroELKRoITWV8WoHZQeKkztrUtE3BkVAzyxFim9szFCzUyleVc9pUEZmtvnX6Eac7hNnAP_MchS_AnDPBaWjnxdY1LesqT0FjCRFFX5298LpkXMSSFIEjkvyMxWxCobMHJWhrDALPR81Jv65RS-jzn2Z0o3g6sW6pVxaNMM3yp6XAjwyUnVDFXxKvjXUW6KUXLkjZWqfC-yynT5gFXFj9fKNAG7ccyUpVqxQNmMdQH0qTeg1KC9EyMzW6MJmWS3LzgGEo-OnUZqZUS-lTHh-Qv2Hc70NxWxCiv7FEN8zEr0w4HZoLGuAMudOUTsi2PDpVs2XpjYLpkyr5O0dYxzduUQ5_3gcByyMDoD-Eac3qAcQXmITYW-Z8yoS5GUtik7DO6GxuN-OFTkYGeSmxu-wod7emoSMhOHN2KHtp-g9vw05Xk6z1v4XGxTteiy9MuJPlsFXXKzxDe0_zoNVidABqRs3YiqgXcF8is4K0ehQ3KKQzw-hfPNRZN4WUJcRjsIZOhvEwZHiAPKC373DYzkJ1AHc4zxU-leWy2VorMu1gRb7aA4BZULgPhIFKmSatJlZ-QmyCA5oiDi9Y1-qpEMvZXKNtqQExPfuok_TkWHXLSa1IdcbkHc04QMinfNNUbMWzPwopBGyTDJnjM_cpzHWiDkMTXIx6fG319zg3iMSk6D0vv1LaDZyukoK3nBd1E3lSDWNLVjS_oopChq5R_aIAbtNfLv8_nq6gDpyaZGoYq98fli7jbkFY5vfCpRYXEtIXUfIihKWrSyaW5v83_8C0FdfNpyay9LSDqyjgPMAH8Owh56dbbThDEnNxCjNmGrniW1rIJ6_lSm4SrCcqwm8fiAPGKLqh2GwaLrj8jny86f6BNZ9TmDbaAK150D0j2J7VsPDiY0aBwUuowdo6XmAXX6x9ZWhSR1IOz9zej_96WY_DALV2lAWqWdGJYh5oz0-UFsPuZRfSvb0m-lhE_IwxxGXMyQ&sai=AMfl-YRT5QuByAe6tg6X1izpv7TDnMNgfdMx8aVyT34z_5YNgswiw4Ne8Tm3Du9jJ41rpVebRnFH46UgT21427EAOR1-NQrsieWJc91SWkg1-3EU9hL_rBBy1HFWLi7FM5Qan5OMbTSqlAjM2ZV2ATGfTLkR7gCjI1GS5yr5MmOUnfSp9kztkRbNolvIOeJfixmYFuusnj1kQBmoJrCpwGIiB41Cmub8Z-s&sig=Cg0ArKJSzHTZEr4tw3vkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=179&cisv=r20220914.99161&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5a2b1a88bb5c427e67abc227507af9c8.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sun, 18 Sep 2022 19:57:27 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Sep-2022 20:12:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Sep 2022 19:57:27 GMT
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2&pvid=66110281016963380000&sn=mc_adapter
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2&pvid=66110281016963380000&sn=mc_adapter
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2&pvid=66110281016963380000&sn=mc_adapter HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:57:28 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 11:18:03 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash f16c86ef00d0afc54f4dfc073c1358c0
6fe0da2998f5a699dc004f46ab51ee530eccfc80
8c24e913cdac6e3bcf00913e420a88d426f3b65229d4a5c51f7e1ac4806b9dd1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:28 GMT
Last-Modified: Sun, 18 Sep 2022 18:35:41 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash f16c86ef00d0afc54f4dfc073c1358c0
6fe0da2998f5a699dc004f46ab51ee530eccfc80
8c24e913cdac6e3bcf00913e420a88d426f3b65229d4a5c51f7e1ac4806b9dd1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:28 GMT
Last-Modified: Sun, 18 Sep 2022 18:35:41 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash cd40df88cd0bc1b4907a2b88d483d8f4
b79711b909391d8918289f492e134ff449b040ee
0826ef281126e1cd6b8f21a2be071e862204246ba74113ca390f6d6ce807bbfa
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 19:57:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 22 Sep 2022 18:00:22 GMT
ETag: "b79711b909391d8918289f492e134ff449b040ee"
Last-Modified: Sun, 18 Sep 2022 18:00:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3065
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74cca69ece991bfe-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&domain=sacoma-sao-paulo.brasil-empresas.com&cw=1&lsw=1
178.250.0.157200 OK 64 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&domain=sacoma-sao-paulo.brasil-empresas.com&cw=1&lsw=1
IP 178.250.0.157:0
Hash 4f09bd5b5414ba63de6a0df81bab0abe
7e6a81c7e955f0466c3b787b81e561cae17a6aaf
dc935fb4f419890739f6d4723c752c74c30543fe081005b843251741ed4c9f27
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&domain=sacoma-sao-paulo.brasil-empresas.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:57:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
server-processing-duration-in-ticks: 438236
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
15.197.193.217200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
IP 15.197.193.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e83179bd2c89725867e93f991570b9ef
b63fa651800a5b923b605fea1fee347037a1d69f
fc79550edb5ceee82a709433136808ff5d48b8e3568dee4ef905d888e41a4bf0
GET /track/rid?ttd_pid=prebid&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:57:28 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Tue, 18 Oct 2022 19:57:29 GMT
vary: Origin
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9a5c295d5ce16b9dd85f0c4ee8832b6d
1283bcadb0bf5eea2e440d1421fb029d7fbc6d5e
ff167f9b20212414e521e02f544bcc4cc5db458b34d74212178af082445ecc4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 19:57:28 GMT
Last-Modified: Sun, 18 Sep 2022 19:28:30 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:57:28 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3FZMJF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyRlZ2ZTBaSnNOOEZQdnltYTRGUldwUEVsTXclMkZYOWRWOGJKQ2J4MVJnb3dJ; expires=Fri, 13 Oct 2023 19:57:28 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
server-processing-duration-in-ticks: 162996
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=643967050&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663531031%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195710%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531031&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=643967050&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663531031%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195710%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531031&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/55024114?wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=643967050&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663531031%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195710%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531031&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Sep 2022 19:57:29 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:29 GMT
last-modified: Sun, 18-Sep-2022 19:57:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1068922671&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531030%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195710%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531030&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1068922671&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531030%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195710%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531030&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/55024114?wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1068922671&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531030%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195710%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531030&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 383496
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Sep 2022 19:57:29 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:29 GMT
last-modified: Sun, 18-Sep-2022 19:57:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=2&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1001988674&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531032%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195711%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531032&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=2&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1001988674&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531032%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195711%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531032&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/55024114?wmode=0&wv-part=2&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1001988674&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531032%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195711%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531032&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 8323
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Sep 2022 19:57:30 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:30 GMT
last-modified: Sun, 18-Sep-2022 19:57:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc51940d1-99ea-441e-9490-3c863b1c3f7b.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc51940d1-99ea-441e-9490-3c863b1c3f7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 317bec00e52d8d6e4262f1012671398d
faff41cb28c468d04dd70fe08345eb592e761682
752624baf3cb635f20b641b2cc7e2e7a51314b1f78ffa9967e0670cb85ff7d45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc51940d1-99ea-441e-9490-3c863b1c3f7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6790
x-amzn-requestid: 000e1980-43c3-48ce-9713-879d40672144
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl8TWHjeoAMFTJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257415-38c78207086a541735461fb7;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDcEPiXVElasC0RWKmDdB9_L2pd-Esvq_lEGGGUK14IDa-2LmQ5EGQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:17:16 GMT
age: 45616
etag: "faff41cb28c468d04dd70fe08345eb592e761682"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/55024114?wv-check=27708&wv-type=0&wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1011996119&browser-info=gdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/55024114?wv-check=27708&wv-type=0&wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1011996119&browser-info=gdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/55024114?wv-check=27708&wv-type=0&wmode=0&wv-part=1&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=1011996119&browser-info=gdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Sep 2022 19:57:32 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:32 GMT
last-modified: Sun, 18-Sep-2022 19:57:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=2&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=349669007&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=2&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=349669007&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/55024114?wmode=0&wv-part=2&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=349669007&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Sep 2022 19:57:32 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:32 GMT
last-modified: Sun, 18-Sep-2022 19:57:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=3&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=882246648&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/55024114?wmode=0&wv-part=3&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=882246648&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/55024114?wmode=0&wv-part=3&wv-hit=1047355881&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&rn=882246648&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663531034%3Aw%3A1268x939%3Av%3A882%3Az%3A0%3Ai%3A20220918195713%3Au%3A1663531027323607733%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Awe%3A1%3Ast%3A1663531034&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 18 Sep 2022 19:57:32 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:32 GMT
last-modified: Sun, 18-Sep-2022 19:57:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/
206.54.190.30200 OK 0 B URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/
IP 206.54.190.30:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-ua-compatible: IE=edge
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
informer.exchangesboard.com/vertical-rates.js
172.67.170.139301 Moved Permanently 0 B URL HTTP/2 informer.exchangesboard.com/vertical-rates.js
IP 172.67.170.139:0
GET /vertical-rates.js HTTP/1.1
Host: informer.exchangesboard.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 18 Sep 2022 19:57:23 GMT
location: https://informer.ex-currency.com/vertical-rates.js
cache-control: max-age=3600
expires: Sun, 18 Sep 2022 20:57:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOVAATLLtq6TenpWaaZGQ41XbzvEk%2B1xxa7u3pndUtJV5xmTqbipKbWzRlLs%2F9gkJdTUmj8eqdFbLwUcGK98x0LTUR9hLSa2GqjH2eSTB2oVP9erU8FHr9KRCnC124izxwMLOPmTsmNomm2cwXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cca68069a5b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
std.wpcdn.pl/wpjslib6/wpjslib-sync.js
212.77.98.32200 OK 0 B URL HTTP/2 std.wpcdn.pl/wpjslib6/wpjslib-sync.js
IP 212.77.98.32:0
ASN #12827 Wirtualna Polska Media S.A.
GET /wpjslib6/wpjslib-sync.js HTTP/1.1
Host: std.wpcdn.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ssp.wp.pl
Connection: keep-alive
Referer: https://ssp.wp.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 19:57:29 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 13:29:17 GMT
x-rgw-object-type: Normal
etag: W/"1b053206ee7f71d618a7c09ed8fc4ab5"
cache-control: max-age=900, stale-while-revalidate=86400
content-encoding: br
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 300
timing-allow-origin: *
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&domain=sacoma-sao-paulo.brasil-empresas.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&domain=sacoma-sao-paulo.brasil-empresas.com&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&domain=sacoma-sao-paulo.brasil-empresas.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 19:57:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
server-processing-duration-in-ticks: 1131374
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sacoma-sao-paulo.brasil-empresas.com/static/js/libs/owl_carousel/owl.carousel.min.js
206.54.190.30200 OK 0 B URL HTTP/2 sacoma-sao-paulo.brasil-empresas.com/static/js/libs/owl_carousel/owl.carousel.min.js
IP 206.54.190.30:0
Analyzer Verdict Alert fortinet Phishing
GET /static/js/libs/owl_carousel/owl.carousel.min.js HTTP/1.1
Host: sacoma-sao-paulo.brasil-empresas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Cookie: PHPSESSID=06l1kssk2upod4blnt7ophu8k5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Mon, 18 Sep 2023 19:57:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 13 Apr 2019 17:23:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11143
date: Sun, 18 Sep 2022 19:57:23 GMT
server: LiteSpeed
x-content-type-options: nosniff
X-Firefox-Spdy: h2
get.optad360.io/sf/2d578283-a4a5-4f98-82e4-63c5ca544403/plugin.min.js
143.204.55.44200 OK 0 B URL HTTP/2 get.optad360.io/sf/2d578283-a4a5-4f98-82e4-63c5ca544403/plugin.min.js
IP 143.204.55.44:0
GET /sf/2d578283-a4a5-4f98-82e4-63c5ca544403/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 18 Sep 2022 19:57:25 GMT
last-modified: Sun, 18 Sep 2022 11:34:53 GMT
etag: W/"53e512f4251425d1fbbaa143c5ef53f6"
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Adtqhl-zm5_k1X-yjuz0aUSpntdw3McZc60URkT-X0_ude-fh674IA==
X-Firefox-Spdy: h2
optad360.mgr.consensu.org/icons/branding-ads.svg
54.230.111.17200 OK 0 B URL HTTP/2 optad360.mgr.consensu.org/icons/branding-ads.svg
IP 54.230.111.17:0
GET /icons/branding-ads.svg HTTP/1.1
Host: optad360.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 18 Sep 2022 04:01:32 GMT
cache-control: public, max-age=360000000
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zt10ObXwiGAu2uYbx93x5lBdxAMHyDDV3GyRFYnmABVeVIbSX3k11A==
age: 57357
X-Firefox-Spdy: h2
mc.yandex.ru/watch/55024114?wmode=7&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1350%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A506026955268%3Ahid%3A1047355881%3Az%3A0%3Ai%3A20220918195706%3Aet%3A1663531027%3Ac%3A1%3Arn%3A45680505%3Arqn%3A1%3Au%3A1663531027323607733%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663531024411%3Ads%3A1%2C259%2C228%2C0%2C280%2C0%2C%2C562%2C3%2C%2C%2C%2C1347%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663531027%3At%3AEmpresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/55024114?wmode=7&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1350%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A506026955268%3Ahid%3A1047355881%3Az%3A0%3Ai%3A20220918195706%3Aet%3A1663531027%3Ac%3A1%3Arn%3A45680505%3Arqn%3A1%3Au%3A1663531027323607733%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663531024411%3Ads%3A1%2C259%2C228%2C0%2C280%2C0%2C%2C562%2C3%2C%2C%2C%2C1347%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663531027%3At%3AEmpresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
GET /watch/55024114?wmode=7&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1350%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A506026955268%3Ahid%3A1047355881%3Az%3A0%3Ai%3A20220918195706%3Aet%3A1663531027%3Ac%3A1%3Arn%3A45680505%3Arqn%3A1%3Au%3A1663531027323607733%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663531024411%3Ads%3A1%2C259%2C228%2C0%2C280%2C0%2C%2C562%2C3%2C%2C%2C%2C1347%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663531027%3At%3AEmpresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sacoma-sao-paulo.brasil-empresas.com
Connection: keep-alive
Referer: https://sacoma-sao-paulo.brasil-empresas.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/55024114/1?wmode=7&page-url=https%3A%2F%2Fsacoma-sao-paulo.brasil-empresas.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A1350%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A506026955268%3Ahid%3A1047355881%3Az%3A0%3Ai%3A20220918195706%3Aet%3A1663531027%3Ac%3A1%3Arn%3A45680505%3Arqn%3A1%3Au%3A1663531027323607733%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663531024411%3Ads%3A1%2C259%2C228%2C0%2C280%2C0%2C%2C562%2C3%2C%2C%2C%2C1347%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663531027%3At%3AEmpresas%20em%20Sacom%C3%A3%2C%20Sao%20Paulo%2C%20no%20Brasil.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 18 Sep 2022 19:57:25 GMT
access-control-allow-origin: https://sacoma-sao-paulo.brasil-empresas.com
set-cookie: yandexuid=1489861211663531045; Expires=Mon, 18-Sep-2023 19:57:25 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1489861211663531045; Expires=Mon, 18-Sep-2023 19:57:25 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2316244951663531045; Path=/; SameSite=None; Secure
i=vtS1fCGISuRxqZzl1Szi/kMcNOXrHDmm1F7uXMOa6JL6V/f1ZSgn6BhX+xvT82IttTgofAGcrbbfookKKJX3Nbki5i8=; Expires=Wed, 15-Sep-2032 19:57:17 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695067045.yrts.1663531045#1695067045.yrtsi.1663531045; Expires=Mon, 18-Sep-2023 19:57:25 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18-Sep-2022 19:57:25 GMT
last-modified: Sun, 18-Sep-2022 19:57:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2