r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2736
Expires: Fri, 25 Nov 2022 04:05:29 GMT
Date: Fri, 25 Nov 2022 03:19:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4613
Cache-Control: max-age=116891
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:53 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:48:04 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
zoommy.com.br/
198.50.206.224 301 Moved Permanently 162 B IP 198.50.206.224:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 03:19:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://zoommy.com.br/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5192
Expires: Fri, 25 Nov 2022 04:46:25 GMT
Date: Fri, 25 Nov 2022 03:19:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:17:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 149
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZZ+xzGcGRp7G5/Hxg/vOAbYnp7HxNrcJNlOc6LYfCcdepwM4gOxPBqeFQsNw9ahk5NukOvBY5z0=
x-amz-request-id: KNNWHHZBYPEV48D5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 02:40:38 GMT
age: 2355
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:19:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zoommy.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 02:41:08 GMT
expires: Fri, 25 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 2325
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 660
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2709
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:53 GMT
Last-Modified: Fri, 25 Nov 2022 02:34:44 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
fotolembranca.zoommy.com.br/
167.86.84.206 200 OK 12 kB URL HTTP/2 fotolembranca.zoommy.com.br/
IP 167.86.84.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (27176), with CRLF, LF line terminators
Hash 1d1845eebde8112b6ec52b9ec6eb65ac
c48405745a42c62e65ab52abe8be3191624d51f5
de5cbf0bfa85ad5c94dd08b689f68ba526c5a16600ccb20e3b812d94302e07ad
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
set-cookie: ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei; path=/; HttpOnly; SameSite=Lax
x-aspnetmvc-version: 5.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 11985
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/css/bootstrap.css
167.86.84.206 200 OK 18 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/css/bootstrap.css
IP 167.86.84.206:0
File type assembler source, ASCII text, with very long lines (540), with CRLF line terminators
Hash 353c2b6a031886cd1cf7760abbc61095
d2715f5012e68b8cbe18ccaddcf6feccb042f6f4
fac8ad347669df9d9ef4534b40b705abd26db37e4cd800a82e6fdfc0e99a6000
GET /builder/elements/css/bootstrap.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:56 GMT
accept-ranges: bytes
etag: "0f85d4c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 17604
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/css/style.css
167.86.84.206 200 OK 9.5 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/css/style.css
IP 167.86.84.206:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 0439378d3055d8287a067b2224205e89
873d025fd8868dbbff20377db8c365c2d56b442a
5b1065b95b38076acee39438db4f1f984cd4b4394017fd44695f9e027e3797e3
GET /builder/elements/css/style.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:56 GMT
accept-ranges: bytes
etag: "0f85d4c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 9535
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/Content/font-awesome.css
167.86.84.206 200 OK 7.4 kB URL HTTP/2 fotolembranca.zoommy.com.br/Content/font-awesome.css
IP 167.86.84.206:0
File type troff or preprocessor input, ASCII text, with very long lines (372), with CRLF line terminators
Hash c02dd13140ce11f9422c642ef4c87bdb
a2fc328e69aa333d8fc34f825f2951c2caf30721
851c0fd239185fe417f8e14e120f872640302056fe834a0882e6fde52a640ac4
GET /Content/font-awesome.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 7449
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/css/magnific-popup.css
167.86.84.206 200 OK 1.9 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/css/magnific-popup.css
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash fbef1c0fd4d1843e90fd44a6dc031ce4
3c314e670d86409aaa79f20a385537a6b50d0807
8f98469bd9fca981389ad5f092b78b08a67613740c22de3bd0c495aa24f739d9
GET /builder/elements/css/magnific-popup.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:56 GMT
accept-ranges: bytes
etag: "0f85d4c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 1948
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/css/iconfont-style.css
167.86.84.206 200 OK 2.7 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/css/iconfont-style.css
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash 5ed720fa4769c94860ae3aa4fec47912
388fc3e443f4031e483bad7febe4a53278496c7d
fe56a7ad03543547201463d6ff6b48680c9d5811e3367050d630c0300bc8a64a
GET /builder/elements/css/iconfont-style.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:56 GMT
accept-ranges: bytes
etag: "0f85d4c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 2701
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/animations/animate.css
167.86.84.206 200 OK 4.3 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/animations/animate.css
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash edd3de78aec54179f2d62d726e76feca
199952c34ff18ecbf56a9ea6a0279cdcd29bb033
b8ee874afa4002ade9cb6aa6b270aa0315d51b15bc57a5f4eff0a3bc09391a08
GET /builder/elements/scripts/animations/animate.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 4314
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fotolembranca.zoommy.com.br/builder/elements/css/popup.css
167.86.84.206 200 OK 826 B URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/css/popup.css
IP 167.86.84.206:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash d151c554db8f93a040584352cd6a3675
4a1c594ea768015533e0526722d8d7dd15948d1b
97afa0970294b7491e87d60b1b0324a6a4dac425f9c0b9051f854dac507bdd8c
GET /builder/elements/css/popup.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:56 GMT
accept-ranges: bytes
etag: "0f85d4c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 826
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/jquery-1.11.2.min.js
167.86.84.206 200 OK 33 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/jquery-1.11.2.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (32047), with CRLF line terminators
Hash aaf82bda7cd98e77c8c75cd05bba4a14
893ad0c277f5422d0df55d5118c4f76df140f28f
3ed20e8c51c705d3eb8e4a7bc3f59b4eaf3250cc32a94fb4208a32442d8393af
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/jquery-1.11.2.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 33380
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/html5shiv.js
167.86.84.206 200 OK 1.6 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/html5shiv.js
IP 167.86.84.206:0
File type HTML document, ASCII text, with very long lines (645), with CRLF line terminators
Hash 9e7e532dfb442740ed7be68fa2c69fc4
e58cb86fe87d9fa3fb87bcac0f843abf1a69c19e
899a4b0d542690c05a45e0e0341b5dcdea7e9845de54fc7da6f35c2a8f56c47c
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/html5shiv.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "cd9274d8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 1574
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/respond.min.js
167.86.84.206 200 OK 2.2 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/respond.min.js
IP 167.86.84.206:0
File type HTML document, ASCII text, with very long lines (4453), with CRLF line terminators
Hash db3026138f8e2d87619f74400b93c39c
35a78bd2bcdc3353acb6b55ed5e658d494c8f8a5
8158df7b6ca794cb3f0a9f7592a16ac174a40a0a3b2cb40dd9206522ddb1f3cc
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/respond.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 2227
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/bootstrap.min.js
167.86.84.206 200 OK 7.1 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/bootstrap.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (25999), with CRLF line terminators
Hash 0b745027248460e4b1fb033f2e47918b
30a2af68b41364d7a3ef3c0a4db327ff75cd114d
2ac26baad0eaf1cb34e3d5135f0f7e1be6aaab300a022983779dc72d5673b402
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/bootstrap.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 7129
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.validate.min.js
167.86.84.206 200 OK 6.5 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.validate.min.js
IP 167.86.84.206:0
File type Unicode text, UTF-8 text, with very long lines (1290), with CRLF line terminators
Hash 7d263a6fee7c860dcd31de7553b83c3e
baa4adac1e8756be91dca6cfb7c8c7120b4569b9
40a01db94cd3059e243d2a065ce01e70901bac367611608e41f6dd3f0f968f20
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/jquery.validate.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 6523
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/smoothscroll.js
167.86.84.206 200 OK 7.0 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/smoothscroll.js
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash 0511e979bcf48817404090fa6fc42b3a
51573d216d1aee90897e1cdf7b3f7f1dd1a45778
54b4c6c9807f2716418fba5cd4edbb82d01b5df909d59295ac0943e12aeaeecf
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/smoothscroll.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 6951
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.smooth-scroll.min.js
167.86.84.206 200 OK 1.3 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.smooth-scroll.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (2772), with CRLF line terminators
Hash e3193470ad0b8623615e00dc2d85306c
e06140a9b9bcf075736e1cd15f0e70e8a5f170a2
452c814761bf7f4dfd1e32b28baae00ef6b0c3d84e0a4a530de947f53c08130e
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/jquery.smooth-scroll.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 1326
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/placeholders.jquery.min.js
167.86.84.206 200 OK 1.8 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/placeholders.jquery.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (4610), with CRLF line terminators
Hash 4dbaa6f342cbd0313e12666ebe6a40ce
05ee066c89d51fd8f0d38f77046a66c19d33395e
fda96665e1ad894fb3e802c992bc77ff85e2b612ef78918590800aa69f827164
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/placeholders.jquery.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 1756
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.magnific-popup.min.js
167.86.84.206 200 OK 7.6 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.magnific-popup.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (20818), with CRLF line terminators
Hash cf8fae33adbb05d7cc3a8368cfe92b91
4ff230694c4af866fe2fdf3be99dbefd62e58c6d
f6d8e01b05de02829459d9ddfad46690139b72cf8198ffafa69c542c46e0f709
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/jquery.magnific-popup.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 7618
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.counterup.min.js
167.86.84.206 200 OK 760 B URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.counterup.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (917), with CRLF line terminators
Hash b5436c6aee66bec6982803309dfbef6d
73a7375793bf3b4915976b4b31ccb981791ac0f5
da7e5ffd7f9c6f620a7eba40b72392b2f433edc851b1774780a98d08bd274af3
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/jquery.counterup.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "4151274d8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 760
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/waypoints.min.js
167.86.84.206 200 OK 2.6 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/waypoints.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (7828), with CRLF line terminators
Hash fa640bc5c2156cd5576a40837f8fcba4
629266ff9e715282cbc06f15ade9d96ae15ff083
3d7a4de379483158d939e4ed58560d8e5d26281989364c8c3670f81b41537ba6
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/waypoints.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 2608
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/video.js
167.86.84.206 200 OK 17 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/video.js
IP 167.86.84.206:0
File type HTML document, ASCII text, with very long lines (1117), with CRLF line terminators
Hash be30a65800191e7c8ad66da6d54ed4fc
32431fc21084b7f7992c19a991d5d781284a2675
ac65f4108646539b8162788b82f12a77ae9bc27aa9121b56f7215703570f50b7
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/video.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 17084
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/bigvideo.js
167.86.84.206 200 OK 3.2 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/bigvideo.js
IP 167.86.84.206:0
File type HTML document, ASCII text, with CRLF line terminators
Hash ad3faf99c4eaa606884a47ef7a3706fe
054a6e92c54bed921a6304a0f17300254c7b5be2
aadde46250c66685965f84dd82ef48dd8e1fc4e98a057890628ae20af58ef84a
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/bigvideo.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 3174
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/animations/wow.min.js
167.86.84.206 200 OK 2.7 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/animations/wow.min.js
IP 167.86.84.206:0
File type ASCII text, with very long lines (8152), with CRLF line terminators
Hash acbc141c1c0883ff0b4fad9765521c98
4bd2bb41f5f64d65d6d3b95032fda5adf9fcc8a9
a3c0807baa6170c1887365dad3c52eb00b156976552441e0c6453d4497dc5c10
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/animations/wow.min.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 2706
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.jCounter-0.1.4.js
167.86.84.206 200 OK 3.6 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.jCounter-0.1.4.js
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash 0e0c27f5ff75537c90d6d5eeb8e7e480
371a90388d9272ae4f1409331cd08ab6af02da3d
9854e4990696297519dd8a4d7cd8b684b355f1d253fb368a7e7a0a72f3ea8dda
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/jquery.jCounter-0.1.4.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 3600
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.autogrow-textarea.js
167.86.84.206 200 OK 1.1 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/jquery.autogrow-textarea.js
IP 167.86.84.206:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 1d61f85758980cf588aadd5763499dc9
652afe4c5a812e4f40f31d15eeb55cdfafd9ffe7
4cd1382ef93bc266758268a16a779c6247f8604b2351d4d2646c6914bba4c7fd
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/jquery.autogrow-textarea.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 1075
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/scripts/globalize/globalize.js
167.86.84.206 200 OK 13 kB URL HTTP/2 fotolembranca.zoommy.com.br/scripts/globalize/globalize.js
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash 97e7ddb6884cba8cfa278c346037dd7a
ce4028b8837e2a73a2279b9d031ad005ee071bb5
779a1cc04988bc4dd98fe549d1c3b7d67694f5c6807518fd68dcfff916109a1f
Analyzer Verdict Alert fortinet Phishing
GET /scripts/globalize/globalize.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:59 GMT
accept-ranges: bytes
etag: "80bb274e8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 13217
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/scripts/globalize/cultures/globalize.culture.pt-BR.js
167.86.84.206 200 OK 1.2 kB URL HTTP/2 fotolembranca.zoommy.com.br/scripts/globalize/cultures/globalize.culture.pt-BR.js
IP 167.86.84.206:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash c74a432205f42ce5ff9296d6692b7f8f
f7f92eac6502c988680315ba3ad743937f1e6159
227250da5093382837b28b2c011b832f7666764b86bb8f7ebd2139ae13f7759f
Analyzer Verdict Alert fortinet Phishing
GET /scripts/globalize/cultures/globalize.culture.pt-BR.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:59 GMT
accept-ranges: bytes
etag: "a41e844e8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 1159
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/custom.js
167.86.84.206 200 OK 2.2 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/custom.js
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash 8c49e213a3d7981ee9ea29351521c023
578bd9922c8a565b8e1ec42f081b32b6b7d1271b
95655d17b4f431c32600057aa34b29bfd2e20683894ae418626a5f6e98b4a508
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/custom.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 2215
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/builder/elements/scripts/popup.js
167.86.84.206 200 OK 2.9 kB URL HTTP/2 fotolembranca.zoommy.com.br/builder/elements/scripts/popup.js
IP 167.86.84.206:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2600), with CRLF line terminators
Hash 32f45493e9b183a0787d697dc9fa6eaa
a230b5858ca7aaff1301ff2b8fef2fc57041334d
e190877aad826dd93e944df359c555a86943b1dba098c1b1996b8b0af6e416e3
Analyzer Verdict Alert fortinet Phishing
GET /builder/elements/scripts/popup.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 2860
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/Content/carousel.v2.css
167.86.84.206 200 OK 984 B URL HTTP/2 fotolembranca.zoommy.com.br/Content/carousel.v2.css
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash 55ac93ad41eff663d5577651af6daf3c
926473f8ec6afd0d9a8e4a2ce62b9034912aedd0
facc78e2985f074458aa51f9c3c2e14776125527bff599c9e73d8cad7c3b992c
GET /Content/carousel.v2.css HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:57 GMT
accept-ranges: bytes
etag: "808ef64c8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 984
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/scripts/jquery.form.js
167.86.84.206 200 OK 12 kB URL HTTP/2 fotolembranca.zoommy.com.br/scripts/jquery.form.js
IP 167.86.84.206:0
File type ASCII text, with CRLF line terminators
Hash a98c60d4553918fbb1973e91a1c3a779
31303f1b3f3decd341ce80edd7270c2451308193
a94b02e4afafbefd46deaded722c8ffc0059153d7a54e1831d02212dd9144e5b
Analyzer Verdict Alert fortinet Phishing
GET /scripts/jquery.form.js HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 22:26:59 GMT
accept-ranges: bytes
etag: "80bb274e8add81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 12255
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/Contents/page-advertising?v=OIjdLiP3zDbbwyGzc4HCP78v7aQq62NmROEun6odIEE1
167.86.84.206 200 OK 954 B URL HTTP/2 fotolembranca.zoommy.com.br/Contents/page-advertising?v=OIjdLiP3zDbbwyGzc4HCP78v7aQq62NmROEun6odIEE1
IP 167.86.84.206:0
File type ASCII text, with very long lines (3114), with no line terminators
Hash 109cc50c7f7469599a5be2cb7a4fc3f3
18495c3d02840daea97d76535913722bb92265ee
b387bac53e48e6cdaad38ec7576c139d6e71083bcb39e93bfe248485caada8c2
GET /Contents/page-advertising?v=OIjdLiP3zDbbwyGzc4HCP78v7aQq62NmROEun6odIEE1 HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Sat, 25 Nov 2023 03:19:55 GMT
last-modified: Fri, 25 Nov 2022 03:19:55 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 954
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/bundles/page-capform?v=KNHAZZuHsaBypgrGEGz6ldaVigcr0IqAbNnKRPnF7Oo1
167.86.84.206 200 OK 2.5 kB URL HTTP/2 fotolembranca.zoommy.com.br/bundles/page-capform?v=KNHAZZuHsaBypgrGEGz6ldaVigcr0IqAbNnKRPnF7Oo1
IP 167.86.84.206:0
File type ASCII text, with very long lines (6651), with no line terminators
Hash 504f93230503310cd94c3e83fb707f0b
07dd2f4922d084bec2a2e133f1dc4e80c1c6408e
a50569d85eb2abc02ad391382d458d855c69332f4861208d9cfa4e3cf3c616af
Analyzer Verdict Alert fortinet Phishing
GET /bundles/page-capform?v=KNHAZZuHsaBypgrGEGz6ldaVigcr0IqAbNnKRPnF7Oo1 HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sat, 25 Nov 2023 03:19:55 GMT
last-modified: Fri, 25 Nov 2022 03:19:55 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 2536
X-Firefox-Spdy: h2
fotolembranca.zoommy.com.br/bundles/globalize?v=Z7dQo83eosj7yLn2TxGEoPKpiluP65U_S4JHNU9GjkM1
167.86.84.206 200 OK 9.6 kB URL HTTP/2 fotolembranca.zoommy.com.br/bundles/globalize?v=Z7dQo83eosj7yLn2TxGEoPKpiluP65U_S4JHNU9GjkM1
IP 167.86.84.206:0
File type Unicode text, UTF-8 text, with very long lines (22548), with no line terminators
Hash 9b684658a726e0a83c356ea383341cd8
6cbd5cf03bd967ff0c424f6d453dcc3361f4d315
367ff260bbd848a31cda11fcb844f4d4ddc1957f777b5421fb93e713f34d715e
Analyzer Verdict Alert fortinet Phishing
GET /bundles/globalize?v=Z7dQo83eosj7yLn2TxGEoPKpiluP65U_S4JHNU9GjkM1 HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sat, 25 Nov 2023 03:19:55 GMT
last-modified: Fri, 25 Nov 2022 03:19:55 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 9649
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 653a15ad404a09bde8ef940d6e5343dc
b87eb74ff32be2a1b4accad7576985366bb52013
c0c22fd2bb4267b3e6fd3b3c7fc8131d1ce631f2f80f85c931a3fdea028b27a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85971
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Etag: "637ee12d-116"
Expires: Sat, 26 Nov 2022 03:12:45 GMT
Last-Modified: Thu, 24 Nov 2022 03:12:45 GMT
Server: nginx
Content-Length: 278
push.services.mozilla.com/
54.191.251.76 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
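Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: these three values are the digests of a zero-length body (the response is 0 B), so they identify no content and are not usable as indicators.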
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rM6g2tLuhpfGPJjW76UbTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QtdAWa/UzRf+4s2wq73YHyv5l2I=
fotolembranca.zoommy.com.br/bundles/page-views?v=RFS_9pcQpAX3kK36TH6nfMX6edR9IzqGFT5-MduLznc1
167.86.84.206 200 OK 355 B URL HTTP/2 fotolembranca.zoommy.com.br/bundles/page-views?v=RFS_9pcQpAX3kK36TH6nfMX6edR9IzqGFT5-MduLznc1
IP 167.86.84.206:0
File type ASCII text, with very long lines (357), with no line terminators
Hash b6984199ec0f51e93d7064a7be4bd6d2
304aeaaa4c574a8a71d60894fb04ea9671f47eeb
37669d38f2ef8020e68fd75094cb708b0432e1e645ed2606509251e1e4034ff0
Analyzer Verdict Alert fortinet Phishing
GET /bundles/page-views?v=RFS_9pcQpAX3kK36TH6nfMX6edR9IzqGFT5-MduLznc1 HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sat, 25 Nov 2023 03:19:55 GMT
last-modified: Fri, 25 Nov 2022 03:19:55 GMT
vary: User-Agent,Accept-Encoding
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:54 GMT
content-length: 355
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash a9db65e5eebe7df9f3a614f3a496c792
3004fbef5a7db4cd95896cee139685db3101b6d7
1b902c50b68244c02061ec1fe50cd3bec5dcde68a82c200ac041c97abfb0eafd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Etag: "637ee12d-116"
Server: ECS (amb/6BC0)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 653a15ad404a09bde8ef940d6e5343dc
b87eb74ff32be2a1b4accad7576985366bb52013
c0c22fd2bb4267b3e6fd3b3c7fc8131d1ce631f2f80f85c931a3fdea028b27a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85971
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Etag: "637ee12d-116"
Expires: Sat, 26 Nov 2022 03:12:45 GMT
Last-Modified: Thu, 24 Nov 2022 03:12:45 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 653a15ad404a09bde8ef940d6e5343dc
b87eb74ff32be2a1b4accad7576985366bb52013
c0c22fd2bb4267b3e6fd3b3c7fc8131d1ce631f2f80f85c931a3fdea028b27a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85971
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Etag: "637ee12d-116"
Expires: Sat, 26 Nov 2022 03:12:45 GMT
Last-Modified: Thu, 24 Nov 2022 03:12:45 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 653a15ad404a09bde8ef940d6e5343dc
b87eb74ff32be2a1b4accad7576985366bb52013
c0c22fd2bb4267b3e6fd3b3c7fc8131d1ce631f2f80f85c931a3fdea028b27a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=85971
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Etag: "637ee12d-116"
Expires: Sat, 26 Nov 2022 03:12:45 GMT
Last-Modified: Thu, 24 Nov 2022 03:12:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 653a15ad404a09bde8ef940d6e5343dc
b87eb74ff32be2a1b4accad7576985366bb52013
c0c22fd2bb4267b3e6fd3b3c7fc8131d1ce631f2f80f85c931a3fdea028b27a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=85971
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Etag: "637ee12d-116"
Expires: Sat, 26 Nov 2022 03:12:45 GMT
Last-Modified: Thu, 24 Nov 2022 03:12:45 GMT
Server: nginx
Content-Length: 278
blob.contato.io/machine-user-images/img-55398-20160829144846.PNG
172.67.221.31 200 OK 2.1 kB URL HTTP/2 blob.contato.io/machine-user-images/img-55398-20160829144846.PNG
IP 172.67.221.31:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced
- data
Hash 30693d068681e05fcdc9d204880c556a
c07a582fc49045ab03828f74a2f8784020ed8def
0e3bcb8c87ee71788dae277cbf0f5f55307e6f283eb84bf343f00a9f0669877b
GET /machine-user-images/img-55398-20160829144846.PNG HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:54 GMT
content-type: application/octet-stream
content-length: 2086
content-md5: MGk9BoaB4F/NydIEiAxVag==
last-modified: Mon, 29 Aug 2016 17:49:48 GMT
etag: 0x8D3D034DEA75338
x-ms-request-id: 981d7db1-601e-0025-117c-003e73000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MInq6vtAjkOHioCOBGiq2X%2BgRg5TJtiUnNvt6TOaZyMoQBZP02hdnmiqQN5DVMqTKWckvN84LpgOoiwhEb53AD5nsr1UHVnzfQiR%2BN%2FAeHrWhvRAS%2BL%2BVnkYl1tIw6lpEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4b80bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/LOGO_ZOOMMY_150-img-2490628-20200326234254.png
172.67.221.31 200 OK 11 kB URL HTTP/2 blob.contato.io/machine-user-images/LOGO_ZOOMMY_150-img-2490628-20200326234254.png
IP 172.67.221.31:0
File type PNG image data, 150 x 66, 8-bit/color RGBA, non-interlaced
- data
Hash 36daa5c246a839117374efab9bed2f5d
f363fa4af063bfd195443adbaeea281609255b9e
0c7ebdbcaa1530fce680c413d107a0d6a4bd90ec347943f05357b84314063467
GET /machine-user-images/LOGO_ZOOMMY_150-img-2490628-20200326234254.png HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:54 GMT
content-type: application/octet-stream
content-length: 10949
content-md5: NtqlwkaoORFzdO+rm+0vXQ==
last-modified: Fri, 27 Mar 2020 02:42:54 GMT
etag: 0x8D7D1F88D1166F1
x-ms-request-id: 66ee148d-c01e-0028-4f7c-00d17f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWKvwdtKjan2vyqH56if8vXiDpZEQTdRr8xsOIxD6U%2F9RSlSOJUz%2FM%2Feq1ak7%2Fed3r1utJ9Gouy8xSKhSEGZPwyzJpLe6QsvwOyO8h4NnDl3kSJkGfKazD1YiVpNbHWh0Q4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4b80ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-files/builder/navdropdown.js
172.67.221.31 200 OK 51 kB URL HTTP/2 blob.contato.io/machine-files/builder/navdropdown.js
IP 172.67.221.31:0
File type ASCII text, with CRLF line terminators
Hash e1feb2b7dd0950d63ba911e5c1ad783a
93d12e1386989a0ab483ab44742058b8c7517e17
edd35b0fcda242c4591108e220365dd84f20c9dfc30225a27ce2d2fdc392a34f
GET /machine-files/builder/navdropdown.js HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:54 GMT
content-type: application/javascript
content-md5: x4bwYb8liVm/Lv/38O5IOw==
last-modified: Fri, 08 Jun 2018 21:05:03 GMT
x-ms-request-id: 17d8b067-301e-005b-6f47-f5a1bc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: HIT
age: 5728
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tIFPDRT%2FCw2suU2zLBwti9Xb7S2hjT34egVC4xjETXNrl%2BcHeRjuhEyQJPIcdaM83anMsawLAb%2BzKRI9bn%2BM%2BTFHPXLjqmTS%2BVbkyOwK5Nl4MlViKXKgGvS9MUUwwIpjCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4b815b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fotolembranca.zoommy.com.br/Builder/elements/css/fonts/iconfont.woff?-8vg322
167.86.84.206 200 OK 124 kB URL HTTP/2 fotolembranca.zoommy.com.br/Builder/elements/css/fonts/iconfont.woff?-8vg322
IP 167.86.84.206:0
File type Web Open Font Format, TrueType, length 123836, version 1.0
- data
Size 124 kB (123836 bytes)
Hash 6d4c214764a8a3dc7f0c8feab1e02cdf
29b95407732a7a301f1a8621b077f91d3596a914
0e5674c8f5ae96cf47bc2461875ad2bdd5043402252a9276e761664d192140fc
GET /Builder/elements/css/fonts/iconfont.woff?-8vg322 HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/builder/elements/css/iconfont-style.css
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-type: font/x-woff
last-modified: Wed, 10 Aug 2022 22:26:56 GMT
accept-ranges: bytes
etag: "8f57f34c8add81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:55 GMT
content-length: 123836
X-Firefox-Spdy: h2
blob.contato.io/machine-files/builder/pop-exit.js
172.67.221.31 200 OK 25 kB URL HTTP/2 blob.contato.io/machine-files/builder/pop-exit.js
IP 172.67.221.31:0
File type ASCII text, with very long lines (1475), with CRLF line terminators
Hash 3fc18ca94a743e2dcbd75b295027c9eb
899f24f02b68466d6e0bb76afc3d1e13198bb458
62518243959a6a52c0e1812cfa4c8348e7d2051c4c39d3e43fa429aeca4e2286
GET /machine-files/builder/pop-exit.js HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:54 GMT
content-type: application/javascript
content-md5: DLU2tqrmTJQ4yPRZNaLG1w==
last-modified: Wed, 08 Mar 2017 14:39:26 GMT
x-ms-request-id: 868e4fce-601e-0061-6ea3-efe21f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xkD0kUeozB%2Fa%2FzrTxtZpPITzTNaLqI84%2BIKEf1U6ph69z0%2FHoTSiKegy7DpWx4NXWsrvtShEaZ2ufWju96s%2BkNTJGWEAgbx2w5et42LU3Bbx5eYM0jCBb0asGLUvUIVlvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4affab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fotolembranca.zoommy.com.br/fonts/fontawesome-webfont.woff2?v=4.7.0
167.86.84.206 200 OK 77 kB URL HTTP/2 fotolembranca.zoommy.com.br/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 167.86.84.206:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/Content/font-awesome.css
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
last-modified: Wed, 10 Aug 2022 22:27:01 GMT
accept-ranges: bytes
etag: "3545824f8add81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:55 GMT
content-length: 77160
X-Firefox-Spdy: h2
blob.contato.io/machine-files/amodels/webflow.js
172.67.221.31 200 OK 35 kB URL HTTP/2 blob.contato.io/machine-files/amodels/webflow.js
IP 172.67.221.31:0
File type Unicode text, UTF-8 text, with very long lines (28765)
Hash a3017f4fd1d42736e40c33aa1acdaf0a
99c9b05ad3aae5d2107708f9d38d5376a5258a91
c91cf06954c8b016542de247629d088b9c50dccc306f9de618989d761da8c157
GET /machine-files/amodels/webflow.js HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:54 GMT
content-type: application/javascript
content-md5: 8ojJQjWogAVDId5h3RqYTw==
last-modified: Tue, 11 Dec 2018 19:34:04 GMT
x-ms-request-id: 8d11419b-101e-004c-25fb-7961df000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1uDtKI3MQIiB7y4pdYfphQiKOqhHo72ZYJRNUcHJIgnDJaZWU3zgqww%2FNJpvHZl1l9aoTEbqx63986YDqhXXUs88fVC4qD33D0px%2FfM6VGYHglt%2BrBWE45rYC3ypzZYz%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4affbb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15764, version 1.0
- data
Hash 603b8950590bf833546eee7cbc79944a
ebbde06eb829868c5f689afe2d48377608be1e7b
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
GET /s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fotolembranca.zoommy.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:40:25 GMT
expires: Thu, 23 Nov 2023 19:40:25 GMT
cache-control: public, max-age=31536000
age: 113970
last-modified: Wed, 11 May 2022 19:24:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fotolembranca.zoommy.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 116766
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Hind:600,300|Roboto:500,100,300|Abril+Fatface|Open+Sans:400,700,800|Montserrat:400,700|Droid+Sans:400,700|Arvo:400,700|Cabin:400,700|Patua+One|Raleway:400,700|Lobster|Josefin+Sans:400,700|Poppins:400,700|Montserrat+Alternates:400,700
142.250.74.10 200 OK 19 kB URL HTTP/2 fonts.googleapis.com/css?family=Hind:600,300|Roboto:500,100,300|Abril+Fatface|Open+Sans:400,700,800|Montserrat:400,700|Droid+Sans:400,700|Arvo:400,700|Cabin:400,700|Patua+One|Raleway:400,700|Lobster|Josefin+Sans:400,700|Poppins:400,700|Montserrat+Alternates:400,700
IP 142.250.74.10:0
Hash 99fe204b03876f5b87291b6594078031
1016500226843b8b97398ec45b8fbd6da7a48add
b6d63c01108870eb2acdeded7a6ebbab57c3b2d0d069bccc6b4e62d2e691e148
GET /css?family=Hind:600,300|Roboto:500,100,300|Abril+Fatface|Open+Sans:400,700,800|Montserrat:400,700|Droid+Sans:400,700|Arvo:400,700|Cabin:400,700|Patua+One|Raleway:400,700|Lobster|Josefin+Sans:400,700|Poppins:400,700|Montserrat+Alternates:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:19:54 GMT
date: Fri, 25 Nov 2022 03:19:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fotolembranca.zoommy.com.br/Pages/AddPageViewScript
167.86.84.206 200 OK 4 B URL HTTP/2 fotolembranca.zoommy.com.br/Pages/AddPageViewScript
IP 167.86.84.206:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Analyzer Verdict Alert fortinet Phishing
POST /Pages/AddPageViewScript HTTP/1.1
Host: fotolembranca.zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 41
Origin: https://fotolembranca.zoommy.com.br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Cookie: _ga=GA1.3.1404466950.1669346393; _gid=GA1.3.62721570.1669346393; _gat=1; ASP.NET_SessionId=j0i05gq3lygqsoisxctyknei
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: application/json; charset=utf-8
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
x-aspnetmvc-version: 5.0
x-aspnet-version: 4.0.30319
set-cookie: llbrMachine_383746=14293731=14293731; expires=Wed, 25-Nov-2522 03:19:56 GMT; path=/
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Fri, 25 Nov 2022 03:19:55 GMT
content-length: 4
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:19:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:19:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Fri, 25 Nov 2022 04:05:52 GMT
Date: Fri, 25 Nov 2022 03:19:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1adbf0cd373a4c06caa71eac14e1286c
236199a790f16dcf96dba80b9945836b37e3c2eb
767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:01:38 GMT
age: 19097
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92171fa8fbc051aefeb8ceb6072848de
377775b7c7b085efa6dd653d285ba3a52af6a549
537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daiU0caUPDqn0vVDY_eK8eaMxgIenjmw1vLyUOtVYOs-FmuSIgY3Nw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:37:02 GMT
age: 56573
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJ7Ppbn5tLf-PIzvOMM-JK3paiWilTRRs5f93VzR0dZ5XDeIGwWonw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:55 GMT
age: 19440
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 80127
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc7c4877bfa24d0c1bbb774cd906af1
75d9a14e98ffba5a71a6f710be721b593338ffdc
b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQzsFY3IAMF9iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nqv3cZb0_TFYs1XuLw1pCg4B1HmA87mj4S1Sjh3cgXyWd3GnweAY7w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:26:03 GMT
age: 82432
etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JbjUiHcVu2ytN848RqI8Ygkd0R9YCnq_OeFdc5Y5JTymA2k9HN4lZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
age: 20694
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/6-img-2490628-20200329133051.jpg
172.67.221.31 200 OK 142 kB URL HTTP/2 blob.contato.io/machine-user-images/6-img-2490628-20200329133051.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=400, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=400], progressive, precision 8, 400x400, components 3\012- data
Size 142 kB (141910 bytes)
Hash 5a16f3bdeb2fb79cdc42f0a615e5ab9e
5bf77e7f2696635655af9c38dbe63c45a2ee1f96
bb4b5850d341859a95b404e2e49faa790251962c5eb948ff20648ccbb7a8f85b
GET /machine-user-images/6-img-2490628-20200329133051.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 141910
content-md5: Whbzvesvt5zcQvCmFeWrng==
last-modified: Sun, 29 Mar 2020 16:30:51 GMT
etag: 0x8D7D3FE8BE3961A
x-ms-request-id: 1ec873b7-501e-0062-367c-00e118000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rvtqnNsFhZsi4u3ap0t4FbM3fLewSDH0eimZfPogZP8Ag5scDKMzD5KI5%2FTFFa8HEi4WJYtfSHdTfs8J09cL8Gqxtzs4i7fTBeUD5lXnPt8k5FtOZWEZ9KjtA2%2F88gYNog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4a808b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/4-img-2490628-20200329132440.jpg
172.67.221.31 200 OK 98 kB URL HTTP/2 blob.contato.io/machine-user-images/4-img-2490628-20200329132440.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=400, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=400], progressive, precision 8, 400x400, components 3\012- data
Hash 1f3784c1c96a1764aa68bce292a80015
120e5596acc1e1bd2cc9c6021d481f312458b563
166eaa60853f714759f0c20a3463e13f33dc884799065e2922e3e449ac46c79d
GET /machine-user-images/4-img-2490628-20200329132440.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 98378
content-md5: HzeEwclqF2SqaLzikqgAFQ==
last-modified: Sun, 29 Mar 2020 16:24:40 GMT
etag: 0x8D7D3FDAECBB3F4
x-ms-request-id: 78c08af7-c01e-004e-4f7c-006325000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adneY7q6maPGeVUjYntfBjfsQuuiEwsLugRZmgBRTVC80AgWeB6JS187fb1U4ONZe%2Bh%2Fl67SsquTUR7c24CtNNreaj%2FTRh1r%2BVB0IbQx7zTKoFiT6Ajjxe%2BK2RNLlon4%2BeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4a806b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/5-img-2490628-20200329133121.jpg
172.67.221.31 200 OK 111 kB URL HTTP/2 blob.contato.io/machine-user-images/5-img-2490628-20200329133121.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=400, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=400], progressive, precision 8, 400x400, components 3\012- data
Size 111 kB (111058 bytes)
Hash b35e6cbc6289fc5a0504b6d062374b74
6925c5e209f6aee630988ee935695a0e56a6ba6f
48345ddb185d944c16ed3c291dadaf9b03a52589a147652f017d7af46b5cda54
GET /machine-user-images/5-img-2490628-20200329133121.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 111058
content-md5: s15svGKJ/FoFBLbQYjdLdA==
last-modified: Sun, 29 Mar 2020 16:31:21 GMT
etag: 0x8D7D3FE9DB25456
x-ms-request-id: 981d7dc3-601e-0025-1b7c-003e73000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5KO%2B9rsclwGd227yM4KoBSc11gUBHUYtoUdo12OxiSBccaFRfD6UrOq1EK4cXC%2BX8EcJgvwtNVFXf9TUM7Ru76x4U8agTDlyxZPnHjP2GbREDNGe9YSmV0SO0aay2emZSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4a805b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/1-img-2490628-20200329125334.jpg
172.67.221.31 200 OK 175 kB URL HTTP/2 blob.contato.io/machine-user-images/1-img-2490628-20200329125334.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=400, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=400], progressive, precision 8, 400x400, components 3\012- data
Size 175 kB (174832 bytes)
Hash 5a63e93e8a9c5a8398fa0825b54e0a91
ecec5a1dcbc6cae8a57892f1dee7cd76e9f2cee9
f32f960f1cf0d49710a15fe5d236c255077f5fa1cfd591fc259bfebed833b318
GET /machine-user-images/1-img-2490628-20200329125334.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 174832
content-md5: WmPpPoqcWoOY+ggltU4KkQ==
last-modified: Sun, 29 Mar 2020 15:53:34 GMT
etag: 0x8D7D3F95647C357
x-ms-request-id: 42fef74b-201e-0000-6a7c-00a6c0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eE%2B7iBKeHOESaM0hAY8vovlXu7cKzn%2BlRbyrvzgrIooNheXM4Ia3vw8PtUOdf24knKRn1m%2FoVOeRVBo2eFDAE6888rhvSp3E9Z5v%2BFkX3q4bsyXBQ8BbODmJwxqLjiXENTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4a801b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/2-img-2490628-20200329130857.jpg
172.67.221.31 200 OK 159 kB URL HTTP/2 blob.contato.io/machine-user-images/2-img-2490628-20200329130857.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=400, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=400], progressive, precision 8, 400x400, components 3\012- data
Size 159 kB (159217 bytes)
Hash 05bdd250dffa02d7d0fdcb22e7fc4289
04afb3b1a368bb147934360d4511a0b07a7c609d
eb3d7d0bf89c86840ac2619641f239a96ecc228a738d2002e54da417055795f0
GET /machine-user-images/2-img-2490628-20200329130857.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 159217
content-md5: Bb3SUN/6AtfQ/csi5/xCiQ==
last-modified: Sun, 29 Mar 2020 16:08:58 GMT
etag: 0x8D7D3FB7D3CF2B9
x-ms-request-id: a141798f-801e-0006-547c-0051b8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziLdeYM1J%2FqC2FBub9%2BJ2nVRoU1RbjigsSa3RgYOiBcAKyvFSSTT734ySBfxfv%2FqhClZ%2F82f90z%2BxJDAxVlc9QCFa02emC%2BLShCgDOGlOkpxvLnqWVQ6aFO2Rg6szyIte6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4a802b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/3-img-2490628-20200329131307.jpg
172.67.221.31 200 OK 161 kB URL HTTP/2 blob.contato.io/machine-user-images/3-img-2490628-20200329131307.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=400, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=400], progressive, precision 8, 400x400, components 3\012- data
Size 161 kB (160746 bytes)
Hash 1155b9a37b088c7726ca9d1ba1b643b2
090fe87f20ad91ac5d3d843919d9394da4262d3e
d358dfe6304634315bc3999d2187b2f2a33b038323fc0f67cc49414ea566bf64
GET /machine-user-images/3-img-2490628-20200329131307.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 160746
content-md5: EVW5o3sIjHcmyp0bobZDsg==
last-modified: Sun, 29 Mar 2020 16:13:08 GMT
etag: 0x8D7D3FC120EB459
x-ms-request-id: 3808787d-801e-000d-207c-0049cc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vn4iqjK%2BjSGOaNCqAGtcIfCT6joxVDa4WHfUSN3n20BNhE%2BQpIb%2FyTdhbC0wYlWGdP%2FHEwcL%2FBHyqLupGzuhFUOOADVlUxhqpD0KyWm%2B1pvFrjZsTkxVmZrL0ETgSNwLY5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4a803b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/FORMATURA-img-2490628-20200329122719.jpg
172.67.221.31 200 OK 594 kB URL HTTP/2 blob.contato.io/machine-user-images/FORMATURA-img-2490628-20200329122719.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], progressive, precision 8, 1200x800, components 3\012- data
Size 594 kB (594151 bytes)
Hash a7e63e2ad7662997c31b8a5d3cb04bdc
72020eac30edde043f0d372f540e2b5dc4b359f1
986ef650f9d77985a9ab500f51a8afc6506142b1cc8db3ca4481ef44a8ff3327
GET /machine-user-images/FORMATURA-img-2490628-20200329122719.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 594151
content-md5: p+Y+KtdmKZfDG4pdPLBL3A==
last-modified: Sun, 29 Mar 2020 15:27:20 GMT
etag: 0x8D7D3F5AC342ABD
x-ms-request-id: c3d83efb-001e-0053-307c-00bacf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2%2FwZVl3dySIUIPmk7sXh5tKNTbwdE4MeI8w3iBqboT8hxl0fpMcl2JNhhookxzbdKYKEYw8C38JwUka4EHQqIZD%2FbiQ21TLWT1OsI2J5cT21aobhLX04W5X05NoIjwCCc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4afffb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/CASAMENTOS-img-2490628-20200329013456.jpg
172.67.221.31 200 OK 580 kB URL HTTP/2 blob.contato.io/machine-user-images/CASAMENTOS-img-2490628-20200329013456.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], progressive, precision 8, 1200x800, components 3\012- data
Size 580 kB (580047 bytes)
Hash 136125be48834a13c1048712d4d72f9b
75063cc29b38c788095883406b6600331b317792
5e2cb6a85563ac41c12c1e4bfb83f945ff65ddca6e83bca80854960b05b21e30
GET /machine-user-images/CASAMENTOS-img-2490628-20200329013456.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 580047
content-md5: E2ElvkiDShPBBIcS1Ncvmw==
last-modified: Sun, 29 Mar 2020 04:34:57 GMT
etag: 0x8D7D39A890EC6EC
x-ms-request-id: 0135d3ac-001e-0035-4a7c-000895000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVptdkw9IeQYXeu4SGMjyTlh8tY7XhtOkh0BRUfr0%2FwYHWzOEaH%2BxHgPFOpX%2BCrGX7h3qATku2luk18vazZHqreFbfpno7x%2BT5mS3KG0eq1vutzohPqKEGI%2F2WSikPLbUvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4b80fb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/OUTROS-img-2490628-20200329123709.jpg
172.67.221.31 200 OK 656 kB URL HTTP/2 blob.contato.io/machine-user-images/OUTROS-img-2490628-20200329123709.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], progressive, precision 8, 1200x800, components 3\012- data
Size 656 kB (656148 bytes)
Hash 2bcc6d21a5f0f2b933ac81f69cc0bff1
c4ae067d68307a85391cf509353ea1347f1e4d5e
8e90bf08715f3f56d56da0d065892dca5eb07e7b591262571272545677254171
GET /machine-user-images/OUTROS-img-2490628-20200329123709.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 656148
content-md5: K8xtIaXw8rkzrIH2nMC/8Q==
last-modified: Sun, 29 Mar 2020 15:37:09 GMT
etag: 0x8D7D3F70B83A1D8
x-ms-request-id: acea2867-d01e-003c-327c-00121b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiCkgIFI35mwRMlbrNaq6KlyDZ4L3jP9W2%2F2UabXZEwHLRRIQ20g5rmG0mnhq44%2BpjUQ3t%2FMY%2BkQ1%2BIIw5RXuS%2BZeWTPFTYbZcl28no7oThaASNpAfcBlJOen2u3GevZL24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4a800b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/INFANTIL-img-2490628-20200329122639.jpg
172.67.221.31 200 OK 692 kB URL HTTP/2 blob.contato.io/machine-user-images/INFANTIL-img-2490628-20200329122639.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], progressive, precision 8, 1200x800, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21573-22612, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 1186825144474799235106078720.000000, slope 867865519456256.000000\012- data
Size 692 kB (691570 bytes)
Hash f411c9e78ce98db0d7b391332353f31e
b53faffb9ca0ae78706666b3a6377966a5e321f0
cf8d9e8a0fc7dde355aa226158acd8834836d49b4b9c6e5e7628de39ff338b68
GET /machine-user-images/INFANTIL-img-2490628-20200329122639.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 691570
content-md5: 9BHJ54zpjbDXs5EzI1PzHg==
last-modified: Sun, 29 Mar 2020 15:26:40 GMT
etag: 0x8D7D3F5945FF510
x-ms-request-id: cb001716-901e-0019-417c-008aa8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbno9x498G5GsRA9j8hQeBaIzlIOmhdo%2FD%2FboRBLzvtuI4c6JSbnEJWOtSEDUtgAALEITV4Yv3y1SW%2BBxzMATEJNBtKbOEcFwht6kKWkh4LNHLMuNHMFi9QDaMXDTuATH4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4affcb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/CORPORATIVO-img-2490628-20200329122233.jpg
172.67.221.31 200 OK 687 kB URL HTTP/2 blob.contato.io/machine-user-images/CORPORATIVO-img-2490628-20200329122233.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], progressive, precision 8, 1200x800, components 3\012- data
Size 687 kB (686695 bytes)
Hash 4fa767c9aa63edee72969ed44a8bc95b
113079cf8a93ee63f1bb5c7bd8d864d6c471fcec
d9614311337c86408a2810d414d9087e23cae825666933cb2da2a4dafdc90167
GET /machine-user-images/CORPORATIVO-img-2490628-20200329122233.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 686695
content-md5: T6dnyapj7e5ylp7USovJWw==
last-modified: Sun, 29 Mar 2020 15:22:34 GMT
etag: 0x8D7D3F501646DAD
x-ms-request-id: 0135d3a9-001e-0035-487c-000895000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyeYLlV%2FRbIZMFgePsS6jFTPbgQ2OEbh0tvcTOVPnIMzAhb7boAIiycIFtduRVef4uS19drcWHJCjVIMqKEuK3QhiHK%2Fg41Z1Difg3RQj4dl0B%2F%2BQaLoHynjkejoRi%2FVCuU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4affeb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/15_ANOS-img-2490628-20200329123510.jpg
172.67.221.31 200 OK 637 kB URL HTTP/2 blob.contato.io/machine-user-images/15_ANOS-img-2490628-20200329123510.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=800, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], progressive, precision 8, 1200x800, components 3\012- data
Size 637 kB (636659 bytes)
Hash f7ce8458484c7a8efbfae567ce73b766
e1e1ab6aa20c83c40176099d9871aec003681f6e
a524a546537ada4cf6f25dabe3641e80c5f95383f784318e95ec1a1cc2db9e8f
GET /machine-user-images/15_ANOS-img-2490628-20200329123510.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 636659
content-md5: 986EWEhMeo77+uVnznO3Zg==
last-modified: Sun, 29 Mar 2020 15:35:11 GMT
etag: 0x8D7D3F6C4C5435C
x-ms-request-id: 2a57574c-e01e-003f-5c7c-00111c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARR1bwxYhzioYZsvx2SQ7Ol5G2OIrynNsmjAHatkZAF%2FbGeHIcZzio2%2B5C%2FbJhG2G5KxEs%2FMRaxyl7uN%2BmOQeoGwTFaoU6lN3FvmwiFJ485kQNwsqXdxE228%2BrNX6rlc%2BhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4b810b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5986
Cache-Control: max-age=98781
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:56 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:46:17 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.200.14 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LV/IgzE7vt3vjgT6hfQDyeq83qcD0go1u8/kD9/kin+kH1bcF7yS8CaOy2wALTE9ZcJYcmOoZIjok41YPee3gg==
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 03:19:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5986
Cache-Control: max-age=98781
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:19:56 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 06:46:17 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=212787963132270&ev=PageView&dl=https%3A%2F%2Ffotolembranca.zoommy.com.br%2F&rl=&if=false&ts=1669346396946&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669346396945.1979944653&it=1669346396466&coo=false&exp=d1&rqm=GET
157.240.200.35 200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=212787963132270&ev=PageView&dl=https%3A%2F%2Ffotolembranca.zoommy.com.br%2F&rl=&if=false&ts=1669346396946&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669346396945.1979944653&it=1669346396466&coo=false&exp=d1&rqm=GET
IP 157.240.200.35:0
File type gzip compressed data, from Unix\012- data
Hash f1db1f408a88e11e8a838cfd6d016f74
11d0c97c7fb34f4fecac25af908d18a9c3cc42ea
7cebc0800a93c1440567cd0bca0af04ae1c1ad19d1040d9342d3b87038b65159
GET /tr/?id=212787963132270&ev=PageView&dl=https%3A%2F%2Ffotolembranca.zoommy.com.br%2F&rl=&if=false&ts=1669346396946&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1669346396945.1979944653&it=1669346396466&coo=false&exp=d1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 25 Nov 2022 03:19:57 GMT
X-Firefox-Spdy: h2
blob.contato.io/machine-user-images/EQUIPAMENTOS-img-2490628-20200328130436.jpg
172.67.221.31 200 OK 3.3 MB URL HTTP/2 blob.contato.io/machine-user-images/EQUIPAMENTOS-img-2490628-20200328130436.jpg
IP 172.67.221.31:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2020:03:28 13:04:01], baseline, precision 8, 3795x3383, components 3\012- data
Size 3.3 MB (3271560 bytes)
Hash 485c8e5180e8cd575a10c1567552976a
e87a5ee84636bfb8adc9b53fa99d1cce2b7f8ad6
d89aa9b626d646d58984b9ce5ce06e0ca3ca3ab2e5e7db9436204c1d2a6f6b40
GET /machine-user-images/EQUIPAMENTOS-img-2490628-20200328130436.jpg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: application/octet-stream
content-length: 3271560
content-md5: SFyOUYDozVdaEMFWdVKXag==
last-modified: Sat, 28 Mar 2020 16:04:37 GMT
etag: 0x8D7D331B71660A7
x-ms-request-id: 7decda7a-a01e-0033-2a7c-00ffed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzLjEsHQEj4554OFqeaBk7wBiYoDWnlHAwHYLeWreJ2wd9Z3%2FPrxtyT1zQs0MPmOO1MFzr427EFUeXcf4Ss5TexdFU%2BODUxjcAnE74MevAXgYtsindI6BPNndOh%2FhjJYYlA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4b80cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,300,500,700,900
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,500,700,900
IP 142.250.74.10:0
GET /css?family=Roboto:400,300,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:19:54 GMT
date: Fri, 25 Nov 2022 03:19:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blob.contato.io/machine-files/builder/menudrop.css
172.67.221.31 200 OK 0 B URL HTTP/2 blob.contato.io/machine-files/builder/menudrop.css
IP 172.67.221.31:0
GET /machine-files/builder/menudrop.css HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:54 GMT
content-type: text/css
content-md5: JJNpfDzxKNCYrtCEEquVxA==
last-modified: Mon, 06 Mar 2017 18:37:13 GMT
x-ms-request-id: d63870bd-301e-003d-79a6-a413e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84Uqg53X98O6UREVSn1sv9%2FdbDtfW%2B9xHy0Bge%2B%2FqGmhfEyjmY9XDxX2z09fr2j%2BqKKMH8hCctUOXK36FdrK%2Bq1ONqTqcPnyEHZAUhevRQWmtTmpqIPWt68TA1%2Bfaccbd%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4c819b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zoommy.com.br/
198.50.206.224 200 OK 0 B IP 198.50.206.224:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: zoommy.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:19:53 GMT
content-type: text/html
x-accel-version: 0.01
last-modified: Mon, 30 Mar 2020 23:22:55 GMT
etag: W/"382-5a21abb1912f1"
x-cache-status: HIT
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blob.contato.io/machine-files/builder/allpages.builder.css
172.67.221.31 200 OK 0 B URL HTTP/2 blob.contato.io/machine-files/builder/allpages.builder.css
IP 172.67.221.31:0
GET /machine-files/builder/allpages.builder.css HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:54 GMT
content-type: text/css
content-md5: XyTqW8HhCCJvbF7ufs+/zA==
last-modified: Thu, 11 Feb 2021 22:04:34 GMT
x-ms-request-id: cc558c5d-601e-0043-49e0-a48c29000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74SVsczS0y2SMoyI4hk2rblBZlaF1J9hFlLJGvD1J7Mspmpt5z86qkFddeaN08WEoRhu9v%2F7N%2F57gvaH6VnPxAMYPqAoeNs7%2B9GSe9PgTqpG%2FUzktgZkCZYsTZ5Ct%2BhGA34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4aff9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blob.contato.io/machine-files/all-images/WhatsApp.svg
172.67.221.31 200 OK 0 B URL HTTP/2 blob.contato.io/machine-files/all-images/WhatsApp.svg
IP 172.67.221.31:0
GET /machine-files/all-images/WhatsApp.svg HTTP/1.1
Host: blob.contato.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fotolembranca.zoommy.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:19:55 GMT
content-type: image/svg+xml
content-md5: IoPAmJJMXBXe295n150INQ==
last-modified: Mon, 18 Mar 2019 20:04:36 GMT
x-ms-request-id: 564b3055-801e-002f-4b7c-0027fa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1Vinf9EaL2m7lHQP9uVICTCOvPlQDJXPvCWzE2JyoFTwIvDN6mKHukuIHkRGZRpSAwbIJ6uSlKVex5Lnlm2Jkd8PcWh%2FTBRo37ROdvXAZvADa%2BqXyOFViJEhMoVoKu3tvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f73ed4b809b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2