sweetcaramel.pt/
302 Found 208 B IP
ASN #203461 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 19fe6cf528078230d58b45b91cdbcef4
5fede880007aef4411e007fb0cc15042b86e88d5
518939292ed27ef97a9a0e1015d9eae7d06179b29372a7504898bb5043ff917e
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 27 Sep 2022 13:52:47 GMT
Server: Apache
Location: https://sweetcaramel.pt/
Content-Length: 208
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 13:02:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rc-effxregBOzGMK0_VgK5ze2_UacRtccgoKzaP5snKfQjPYEj9EgA==
Age: 2998
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3529
Expires: Tue, 27 Sep 2022 14:51:36 GMT
Date: Tue, 27 Sep 2022 13:52:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zGFJOxe3t_0jBZSDBLlmchTrkV4mBDapAmhaWt2p2U3x8fSnuHCtSA==
age: 16114
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 13:52:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0d6c2c8de8b19a7856013c7450ed0e24
c274213640d1a841cdbe8e2574ccfe4d56e725d3
3c95fa5031704e1648f965af801fe7e129af505763db45733195723435a302be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C95FA5031704E1648F965AF801FE7E129AF505763DB45733195723435A302BE"
Last-Modified: Tue, 27 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 19:52:47 GMT
Date: Tue, 27 Sep 2022 13:52:47 GMT
Connection: keep-alive
sweetcaramel.pt/
200 OK 16 kB IP
ASN #203461 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (314)
Hash af752c5a4ff10750f573d39e4f606a88
e7bfde3d001519290362f234320214ce6ea241b7
11006715a29d38e590b877b6f55f3441c3cfe1c34a64eecaa86910e66440be97
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:47 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:14 GMT
ETag: "dc00a2-3ce3-5de17b1e933b2"
Accept-Ranges: bytes
Content-Length: 15587
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/html
sweetcaramel.pt/css/style.css
200 OK 19 kB URL HTTP/1.1 sweetcaramel.pt/css/style.css
IP
ASN #203461 Register S.p.A.
File type assembler source, ASCII text, with very long lines (425)
Hash d475576335b43488fa4efe97627d2ef0
5f7379c17c4e1591f26aad1303ffac1b848b7c41
c00638a1868c0b9a2086973cd14166a7dccb54dc78bdd16da4953d87a6905d2f
GET /css/style.css HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:33 GMT
ETag: "e81754-4ae4-5de17b30cc94e"
Accept-Ranges: bytes
Content-Length: 19172
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
sweetcaramel.pt/js/owl.video.js
200 OK 8.9 kB URL HTTP/1.1 sweetcaramel.pt/js/owl.video.js
IP
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (360)
Hash 0a17131d7d38611d54e3f94c015478bc
94a543178db9c369cfc545c76d0364405fdd6682
d23780fac56a3133971d82e35ee2b1291f02717a231198cd8f65953464dd2a8c
Analyzer Verdict Alert fortinet Malware
GET /js/owl.video.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:27 GMT
ETag: "e81742-22b5-5de17b2b590db"
Accept-Ranges: bytes
Content-Length: 8885
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
sweetcaramel.pt/css/owl.carousel.css
200 OK 6.7 kB URL HTTP/1.1 sweetcaramel.pt/css/owl.carousel.css
IP
ASN #203461 Register S.p.A.
Hash 38d84bee62f4c8aef062634361e2a3ed
829ac63e0933bdc5b0c3e76189f7d2b8dfb0b764
6e2d64a4bfe43280506c575c85927ed3899e4cb687099bf81cefdd721d65c27a
GET /css/owl.carousel.css HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:32 GMT
ETag: "e81753-1a39-5de17b309eed3"
Accept-Ranges: bytes
Content-Length: 6713
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b7390ef76a75e4ff64673b619ef78cd0
0a77c8e0aca3606fe4a0f462d6c71e7c6013de7b
2cf9fa21db95574a93683e10d54659c841a9a5057da7ce751b0e65c671e1ceee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CF9FA21DB95574A93683E10D54659C841A9A5057DA7CE751B0E65C671E1CEEE"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6107
Expires: Tue, 27 Sep 2022 15:34:35 GMT
Date: Tue, 27 Sep 2022 13:52:48 GMT
Connection: keep-alive
sweetcaramel.pt/css/owl.theme.default.css
200 OK 1.4 kB URL HTTP/1.1 sweetcaramel.pt/css/owl.theme.default.css
IP
ASN #203461 Register S.p.A.
Hash 6c830c91a0a08fca0fe883504abc7d2b
5193b985aa3f992ce7bad494b6ab519707c48cc1
9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
GET /css/owl.theme.default.css HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:32 GMT
ETag: "e81752-564-5de17b3096a03"
Accept-Ranges: bytes
Content-Length: 1380
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: text/css
sweetcaramel.pt/js/custom.js
200 OK 265 B URL HTTP/1.1 sweetcaramel.pt/js/custom.js
IP
ASN #203461 Register S.p.A.
Hash 800a38eee6acb520300b63cf3712167c
a44427d96e60cc34574d58c4ae1479e08fe1ac8e
89c457c0e69604a9495a885f5a2afca7ad19f8cda07eb2425ca7f3fa1c5cea9f
Analyzer Verdict Alert fortinet Malware
GET /js/custom.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:26 GMT
ETag: "e8173c-109-5de17b2aa59b9"
Accept-Ranges: bytes
Content-Length: 265
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: application/javascript
sweetcaramel.pt/js/jquery.scrollto.js
200 OK 985 B URL HTTP/1.1 sweetcaramel.pt/js/jquery.scrollto.js
IP
ASN #203461 Register S.p.A.
Hash 9d1d86e39d5a3e634a6400aac0c7d352
053ef3b65e71323b7436b351e5fbaedf19f1a5e6
fb25de2f7cc6502e59929d1e4d9008d5b8ed861992c196729ba3cbc015d55cf9
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.scrollto.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:26 GMT
ETag: "e8173f-3d9-5de17b2ae7485"
Accept-Ranges: bytes
Content-Length: 985
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: application/javascript
sweetcaramel.pt/js/cbpAnimatedHeader.js
200 OK 875 B URL HTTP/1.1 sweetcaramel.pt/js/cbpAnimatedHeader.js
IP
ASN #203461 Register S.p.A.
Hash 717acd353b97f3e42690635da31b4dce
134a974766869b869ef290dc4a42f0870cfd8956
f3a63182c1ecfd53dc36c3ca90cc43589d46bb87b5d05a19cb03d3844a53e3e0
Analyzer Verdict Alert fortinet Malware
GET /js/cbpAnimatedHeader.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:26 GMT
ETag: "e8173b-36b-5de17b2a82b1f"
Accept-Ranges: bytes
Content-Length: 875
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sweetcaramel.pt/js/contact_me.js
200 OK 2.9 kB URL HTTP/1.1 sweetcaramel.pt/js/contact_me.js
IP
ASN #203461 Register S.p.A.
Hash 97ad59707f7cc70de5f080305d4301e5
2dda759d47260fdf0f9e9ffa3f8b8c1785d0a9f9
b65c4f41c952d4c35910d612c310a1150ce073a0a09a02b299025e38522410fb
Analyzer Verdict Alert fortinet Malware
GET /js/contact_me.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:26 GMT
ETag: "e8173a-b62-5de17b2a78af6"
Accept-Ranges: bytes
Content-Length: 2914
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: application/javascript
sweetcaramel.pt/js/owl.carousel.min.js
200 OK 44 kB URL HTTP/1.1 sweetcaramel.pt/js/owl.carousel.min.js
IP
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (31997)
Hash f416f9031fef25ae25ba9756e3eb6978
e2a600e433df72b4cfde93d7880e3114917a3cbe
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Analyzer Verdict Alert fortinet Malware
GET /js/owl.carousel.min.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:27 GMT
ETag: "e81741-ad36-5de17b2b30099"
Accept-Ranges: bytes
Content-Length: 44342
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtag/js?id=UA-129779740-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-129779740-1
IP
File type ASCII text, with very long lines (2039)
Hash 670c7144698ed1e915861f080a367dcd
74f9b1b298ef6c1f0e260e08eca4abf6c6c95dd8
74f5b2d23a7f7be9613fb5bad3831653738afa031465caccf77ef7ddbbd4e835
GET /gtag/js?id=UA-129779740-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 13:52:48 GMT
expires: Tue, 27 Sep 2022 13:52:48 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sweetcaramel.pt/css/dosis-semibold-webfont.woff2
200 OK 24 kB URL HTTP/1.1 sweetcaramel.pt/css/dosis-semibold-webfont.woff2
IP
ASN #203461 Register S.p.A.
File type Web Open Font Format (Version 2), TrueType, length 24404, version 1.459\012- data
Hash b1ed497c0e2cd637951221927a13e358
e9969248acb188285f3fbf83cc2f233e2ce9b10c
6206d934ca9acc583a77b3cd4286a5b32fe185e59c8a5d6c7a2a108a91ed448b
Analyzer Verdict Alert fortinet Malware
GET /css/dosis-semibold-webfont.woff2 HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sweetcaramel.pt/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:32 GMT
ETag: "e81750-5f54-5de17b3068f88"
Accept-Ranges: bytes
Content-Length: 24404
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: font/woff2
sweetcaramel.pt/css/dosis-bold-webfont.woff2
200 OK 25 kB URL HTTP/1.1 sweetcaramel.pt/css/dosis-bold-webfont.woff2
IP
ASN #203461 Register S.p.A.
File type Web Open Font Format (Version 2), TrueType, length 24780, version 1.459\012- data
Hash 74bc2c66f756eb957d50ef8b49100d2f
a7e76c8dc70905311092242cd4cba3d3addab515
854afd25c5d2fce63f82f1eaadcaa828b478e0ba04942de612d7e926f80a0b03
Analyzer Verdict Alert fortinet Malware
GET /css/dosis-bold-webfont.woff2 HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sweetcaramel.pt/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:31 GMT
ETag: "e81748-60cc-5de17b2f7aafa"
Accept-Ranges: bytes
Content-Length: 24780
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: font/woff2
sweetcaramel.pt/css/dosis-regular-webfont.woff2
200 OK 24 kB URL HTTP/1.1 sweetcaramel.pt/css/dosis-regular-webfont.woff2
IP
ASN #203461 Register S.p.A.
File type Web Open Font Format (Version 2), TrueType, length 24400, version 1.459\012- data
Hash 798aa532a2e20e9e7b590a7dc808468d
756c1d4f3e51f8b55992df78cf8df74e5694ff1f
a9ef74dc2b1836dd032efb368d6c2ff94a8ae539d64c5230c610b72be76e02c5
Analyzer Verdict Alert fortinet Malware
GET /css/dosis-regular-webfont.woff2 HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sweetcaramel.pt/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:32 GMT
ETag: "e8174c-5f50-5de17b2fed309"
Accept-Ranges: bytes
Content-Length: 24400
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: font/woff2
sweetcaramel.pt/js/jquery.js
200 OK 87 kB URL HTTP/1.1 sweetcaramel.pt/js/jquery.js
IP
ASN #203461 Register S.p.A.
File type ASCII text, with very long lines (65451)
Hash 4b57cf46dc8cb95c4cca54afc85e9540
05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:26 GMT
ETag: "e8173e-1538e-5de17b2aeddfd"
Accept-Ranges: bytes
Content-Length: 86926
Keep-Alive: timeout=5, max=150
Connection: Keep-Alive
Content-Type: application/javascript
sweetcaramel.pt/img/instagram-2.svg
200 OK 1.6 kB URL HTTP/1.1 sweetcaramel.pt/img/instagram-2.svg
IP
ASN #203461 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 623189bdd26a34893504da134b84aa11
93f93327145d424e59be5cf454487e46f687b749
841b70d9baa32a6c90720cf1d2fe427ffc7db8d45b6c80e6928cf7d9b95b798a
Analyzer Verdict Alert fortinet Malware
GET /img/instagram-2.svg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:58 GMT
ETag: "e81775-620-5de17b49120cd"
Accept-Ranges: bytes
Content-Length: 1568
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: image/svg+xml
sweetcaramel.pt/img/facebook-2.svg
200 OK 864 B URL HTTP/1.1 sweetcaramel.pt/img/facebook-2.svg
IP
ASN #203461 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash f8867de17f432aeeea19638cb6dcb5f8
b5fbae3c65ffff5be0e076688fad21a948dac736
47dc00ea8b92285a14062f0afc6512d860c4544df3fa6b86d86719ac90f34c75
Analyzer Verdict Alert fortinet Malware
GET /img/facebook-2.svg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:02 GMT
ETag: "e8178a-360-5de17b4d2b233"
Accept-Ranges: bytes
Content-Length: 864
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/svg+xml
sweetcaramel.pt/img/logo.svg
200 OK 28 kB URL HTTP/1.1 sweetcaramel.pt/img/logo.svg
IP
ASN #203461 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 05c4be3545d3a5b94e83933b0f613dbc
1f5ab72bd3f81c6dfac4641a8f64a98b5be6c5d3
d19d3959fdfafce559a3f53567104c989eb185ba02b56a351e15e199460b7f05
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:59 GMT
ETag: "e81776-6c52-5de17b498e905"
Accept-Ranges: bytes
Content-Length: 27730
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: image/svg+xml
sweetcaramel.pt/img/pinterest.svg
200 OK 1.2 kB URL HTTP/1.1 sweetcaramel.pt/img/pinterest.svg
IP
ASN #203461 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 68a42847c7cb14da15c97511c3a72e64
4614074e8ea294b1be9bf1afaaff1bce079dbe88
d81c29e5196a27b6ff28334a5cef8ea54637d2af2c7980de81a3e2ff5e75d4c3
Analyzer Verdict Alert fortinet Malware
GET /img/pinterest.svg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:59 GMT
ETag: "e81777-4a2-5de17b49b13b7"
Accept-Ranges: bytes
Content-Length: 1186
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a67a0b701abf0f3af63c399508d1e345
8e44ea6cbdfc65c2f27afc3b0b38e979d510741a
74e1b2f2b6f0c347089ab261506b08aca6dac813f85f27e89aba18da95b65431
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 13:46:06 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _ZoO5KUDZ6xcxP-affb0828hGLNwQ2K3UQKK4DIOW-STEa7McNGcVw==
Age: 402
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.fixando.com/js/widget_min.js
200 OK 858 B URL HTTP/2 cdn.fixando.com/js/widget_min.js
IP
File type HTML document text\012- HTML document text\012- C source, ASCII text, with very long lines (2439), with no line terminators
Hash 7b167fe5c8b27996b71d33274d9e2864
37d483d627fa747febf95d1544d214d1fa6cfe27
e6d81f74cba20dcec4fca3f491f4e569ba3f1351c4c3f346b874a8f31e2b5823
GET /js/widget_min.js HTTP/1.1
Host: cdn.fixando.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 858
server: nginx
date: Wed, 14 Sep 2022 07:35:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 05 Sep 2019 15:41:24 GMT
etag: "987-591d027789b83-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 14 Sep 2023 07:35:52 GMT
content-encoding: gzip
access-control-allow-origin: *
x-frame-options: sameorigin, SAMEORIGIN
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9neTQsLk8G0iMGTV9ahOef7OSYIo6nb9moU4vxODv2kPUhL6rWt1pw==
age: 1145816
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 13:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 14:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gaJGCxxNVnwahGp04m32W93-TeAGfPY5BcIEDCxTyb3RHqwd99eOYQ==
Age: 2522
sweetcaramel.pt/img/slide8.jpg
200 OK 230 kB URL HTTP/1.1 sweetcaramel.pt/img/slide8.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 230 kB (230186 bytes)
Hash fb1c7183f68c82d4eed142537f9bf2b1
6232b61b04cb60f8179f13de16cf117d0a952d11
febd7c33183f4dff0084295e46dcc006b3938ddc5ad1093631534675faef8171
GET /img/slide8.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:01 GMT
ETag: "e81782-3832a-5de17b4b7bfaa"
Accept-Ranges: bytes
Content-Length: 230186
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/jpeg
sweetcaramel.pt/img/fundo-contactos.png
200 OK 229 kB URL HTTP/1.1 sweetcaramel.pt/img/fundo-contactos.png
IP
ASN #203461 Register S.p.A.
File type PNG image data, 1932 x 1200, 8-bit/color RGB, interlaced\012- data
Size 229 kB (228844 bytes)
Hash 4aec2fc31c186ff061929707d825d92a
96d75f32f40086610118deaeba3d0e6574047463
df63fa2b8a40754499ace0fc990cab187b1fcf3242fb95c9d4dfb4e3cfcbf962
GET /img/fundo-contactos.png HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:03 GMT
ETag: "e8178d-37dec-5de17b4dad82b"
Accept-Ranges: bytes
Content-Length: 228844
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: image/png
sweetcaramel.pt/img/slide6.jpg
200 OK 382 kB URL HTTP/1.1 sweetcaramel.pt/img/slide6.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x800, components 3\012- data
Size 382 kB (382024 bytes)
Hash 9386a5b8226078f1db87e654ca689491
74cc9167388777af2e0a728da2759ec931a23aeb
79bbbb7f6a8fab795b69c9e6d98eafca48b608495dd1ca316e2a193bf84ca973
GET /img/slide6.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:00 GMT
ETag: "e81780-5d448-5de17b4afe3ea"
Accept-Ranges: bytes
Content-Length: 382024
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/jpeg
sweetcaramel.pt/img/slide10.jpg
200 OK 736 kB URL HTTP/1.1 sweetcaramel.pt/img/slide10.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 736 kB (735519 bytes)
Hash 896c5d96bdcb409541775da05ba2c703
be2a30a5449057b6b44cc27d2e96f74862c2b80c
8501f1568102cffa35e436e137f60967f431a493f2fa9c0dc26c3c55f0ab6d53
GET /img/slide10.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:01 GMT
ETag: "e81784-b391f-5de17b4c10e83"
Accept-Ranges: bytes
Content-Length: 735519
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
200 OK 471 B IP
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4642
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:35:26 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
sweetcaramel.pt/img/slide7.jpg
200 OK 751 kB URL HTTP/1.1 sweetcaramel.pt/img/slide7.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 751 kB (751291 bytes)
Hash cf4c6e9d64669bb67305f698304bbf61
051bf592fa90d17eaf729a068e4366e777c9c4ae
16f0ea5e9f7a54a2e4210c84ddea1ca34a1004862cc4700cad918b128f80ebc8
GET /img/slide7.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:01 GMT
ETag: "e81781-b76bb-5de17b4b769b9"
Accept-Ranges: bytes
Content-Length: 751291
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/jpeg
sweetcaramel.pt/img/slide11.jpg
200 OK 291 kB URL HTTP/1.1 sweetcaramel.pt/img/slide11.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 291 kB (290939 bytes)
Hash c4e4e5192fea8689aa1b8d4a43ae6c5b
05728ba9302c8a6d42e188b146a5510d8698eee7
1a66bf8f050726d2552ef4f9ff153acc0270a7b7768219901a474129c4f2ecd1
GET /img/slide11.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:01 GMT
ETag: "e81785-4707b-5de17b4c4df16"
Accept-Ranges: bytes
Content-Length: 290939
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/jpeg
sweetcaramel.pt/img/slide13.jpg
200 OK 420 kB URL HTTP/1.1 sweetcaramel.pt/img/slide13.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 420 kB (420298 bytes)
Hash 82c2faddf918150941f6c4f6ed84f1eb
da967f24faa2a73c68c494ff34fe284b7bbdef32
53d712daf91408ae442d2d78c5d2b21f0f27e65c5741b9a0220dc6e856e72013
GET /img/slide13.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:02 GMT
ETag: "e81787-669ca-5de17b4cc12dd"
Accept-Ranges: bytes
Content-Length: 420298
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/jpeg
sweetcaramel.pt/img/slide12.jpg
200 OK 496 kB URL HTTP/1.1 sweetcaramel.pt/img/slide12.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 496 kB (496461 bytes)
Hash 0b42dbedf9239f772f216d0f238cc535
41175587afb8d684aebc2f4b39e5e06d50f0ed7c
ae9c10f844b090ecc98b7e8dec3f0e3cb1a5b0c87e5e0c012c9be431b45b8817
GET /img/slide12.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:02 GMT
ETag: "e81786-7934d-5de17b4c832a9"
Accept-Ranges: bytes
Content-Length: 496461
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/jpeg
sweetcaramel.pt/img/slide9.jpg
200 OK 445 kB URL HTTP/1.1 sweetcaramel.pt/img/slide9.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 445 kB (445139 bytes)
Hash 3cedf8325cb1cac5d2e10abb84329ec3
58c674a88c54c2ef5e4b80787b79e2cf4a9e1d61
361526586ca5a7eaccaf2231d467cafd41480a040f53c444a7547343dc823160
GET /img/slide9.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:01 GMT
ETag: "e81783-6cad3-5de17b4bf1e69"
Accept-Ranges: bytes
Content-Length: 445139
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
200 OK 471 B IP
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3823
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3823
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3823
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 13:20:24 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1773
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 13:23:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/281413109_678061483286890_4141414164315049963_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=NQpOTCXMGD0AX_T_pl-&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT9vVh4A2y1ljs9nFyNEtOA6UK40FUKl4uLSzB9qxdRGNQ&oe=62D461C3
403 Forbidden 21 B URL HTTP/2 scontent-frt3-1.cdninstagram.com/v/t51.29350-15/281413109_678061483286890_4141414164315049963_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=NQpOTCXMGD0AX_T_pl-&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT9vVh4A2y1ljs9nFyNEtOA6UK40FUKl4uLSzB9qxdRGNQ&oe=62D461C3
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/281413109_678061483286890_4141414164315049963_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=NQpOTCXMGD0AX_T_pl-&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT9vVh4A2y1ljs9nFyNEtOA6UK40FUKl4uLSzB9qxdRGNQ&oe=62D461C3 HTTP/1.1
Host: scontent-frt3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcKHnhDbW0b3Ivj8E8Qpl8p1EqEpjBhxt4aLXY8GK7J-pTbcM31FSu5oDkwR2GnE1xfyp6xJ6JhnFFdu"; e_fb_vipaddr="AcIt1rNL0RXBOT15SCNeoleP8VPXJz-yOtaBXuKkxwYDOqsWRk5iW3R0txNpbgSDGVjBLeM"; e_fb_builduser="AcKxPxLiE3HT00rb6LFoUkTSqCHVgXUEqiFU38FlIiD_ipn6o1SgJgA0cnj6Vcb6A28"; e_fb_binaryversion="AcKeN8bOC-bXxnwfEVziCFAc85RbHSdcWkJb5V6UPx_hm6Ar7kgMqr7uipJrBVo1Ls2swtj4FzhknhtnRvi51fflzTpe85NfIps"; e_proxy="AcK-JWCiLjbyEGJTnVrt7nVRfA-Id8z7L_nwBCaIcq3UNgji3PLcP53uyOvtB9uEIsAlf0CMjmDNqq4"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 1425083115
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/284812456_131308696180610_3341210109434510362_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=p3t1vs5CRB8AX-6ozTG&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT__btRkYNofV3cH65disykZz0NFZY4UhE0OEcUAGyvSTw&oe=62D35F22
403 Forbidden 21 B URL HTTP/2 scontent-frt3-1.cdninstagram.com/v/t51.29350-15/284812456_131308696180610_3341210109434510362_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=p3t1vs5CRB8AX-6ozTG&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT__btRkYNofV3cH65disykZz0NFZY4UhE0OEcUAGyvSTw&oe=62D35F22
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/284812456_131308696180610_3341210109434510362_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=p3t1vs5CRB8AX-6ozTG&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT__btRkYNofV3cH65disykZz0NFZY4UhE0OEcUAGyvSTw&oe=62D35F22 HTTP/1.1
Host: scontent-frt3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcI0RX1ebRLuahYpkBG1EbRG1FMrTmNL9NUorMdbg1rjaz_TUWTUsK3uCFDsjhp9crs81oVAsXvZju1g"; e_fb_vipaddr="AcLV4HuZZ8qGQAp6BlA4M0TE8DzwQBQP2raAe3KG7qehUH3xi1WJ31p7F680X8DOF8ymtOA"; e_fb_builduser="AcKLENLGxh6XkdvWkK-FFwsJgCIcn-VU34xWk3WWKmk8EEiCcFg2mT508jtiNI0zJaU"; e_fb_binaryversion="AcK_kXzbu7rgVXOkjME-KNU2hP0O3Xw0nlW0HJDVmPEm6WGcHAf2EwjUCPjmaFYwBvwY5-KPhNuOs0pUKOxvdY9LSRyyekYfRYA"; e_proxy="AcJXQyarjZ3muzPGre-n17ccZhx9GE-Hv8k7E7_6SR62m9Pl027cWlX3xOB3aTh6ZPgfg-2bSox4TYI"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 1425083115
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/284344514_959238491409912_5145445846771022727_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=HFud3sfZjA0AX_Gkdlt&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_4MslYv7BN3j4tRVGFSw4LFcObnALThfv5jJB8GoO8pQ&oe=62D2EF53
403 Forbidden 21 B URL HTTP/2 scontent-frx5-1.cdninstagram.com/v/t51.29350-15/284344514_959238491409912_5145445846771022727_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=HFud3sfZjA0AX_Gkdlt&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_4MslYv7BN3j4tRVGFSw4LFcObnALThfv5jJB8GoO8pQ&oe=62D2EF53
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/284344514_959238491409912_5145445846771022727_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=HFud3sfZjA0AX_Gkdlt&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_4MslYv7BN3j4tRVGFSw4LFcObnALThfv5jJB8GoO8pQ&oe=62D2EF53 HTTP/1.1
Host: scontent-frx5-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcL5F_vwHeFj1L5uLpquaea-QYltK7J204Cvvl1kF4soiWxB568rXZjd-XNL8rbptp3LUF5sYUyAgVc6"; e_fb_vipaddr="AcIXempRNT4EtYG_GE-AZoRtrwCuphtDkgJg9JNbyEK20-5hVpsdHp3Ufr8sFkrLgeavu-iS4g"; e_fb_builduser="AcKNXLLfMQX1LR2rOPTSGT7MrunP5ktfU3Vgds7vwWlfQ_uB3XC57P9lg_nY2Sfm7wM"; e_fb_binaryversion="AcI4b-IFYZsvW8GC0LxuxLrtOuimje2_dKUILzjKjKF7J0dOMfas5M8m0bFmz3tHhyHm54Gmst5uy0uGLgFbTsdTHVyLEq46p6E"; e_proxy="AcLiXiCawfCYK6LV0fUfinlYdJzMbOQTwDnSmNjZGYsESyGxSay_0vu7GRYLpBfjiAecrEfkqxg0tfdQ"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 780166575
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/280600031_380946997420250_3121108186557814995_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ydxrxfdyXWkAX9cY8J3&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT9ab3aHe0w9GS1z1skn349rwETpgWA1zYiurze_JGytDA&oe=62D364B4
403 Forbidden 21 B URL HTTP/2 scontent-frx5-1.cdninstagram.com/v/t51.29350-15/280600031_380946997420250_3121108186557814995_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ydxrxfdyXWkAX9cY8J3&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT9ab3aHe0w9GS1z1skn349rwETpgWA1zYiurze_JGytDA&oe=62D364B4
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/280600031_380946997420250_3121108186557814995_n.jpg?_nc_cat=100&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ydxrxfdyXWkAX9cY8J3&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT9ab3aHe0w9GS1z1skn349rwETpgWA1zYiurze_JGytDA&oe=62D364B4 HTTP/1.1
Host: scontent-frx5-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcKnIZyiIIGPtDQsa4nEPNVeWkC6bs78B42AhF6k9H5nzb9HObx-ea_hcF5Ke06daXDjb7PE1iS8u7Eu"; e_fb_vipaddr="AcJsKdmgXI_gw6QnlaCGMV3s5h2nWHU4Or1tfvwmTHYDqf9HkXPqTWnBohJ0eT8Bc0KF3KXCjQ"; e_fb_builduser="AcK9CdEjQC6aizkWbNvhhPJqsD-PTWsz9Shlm8f0sd-S8opq5EBbib3Johi_5qeEczI"; e_fb_binaryversion="AcKcywYELO3VAONFsszdo2BaJZWe8MXwi4YEiNsjizy4uQ20Cd08UUFqRNiNBmk_TGYmGvuXez7OqKdba8tX0axTdl8x7-R8E_U"; e_proxy="AcJnYq8gIhYeZGCrrolUsjbGUi4ftwD8sTyhqVW_2nCznUzPat7xQ2ZkZx-TDTlXiWpIX1qVWJKVl0H9"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 780166575
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/284183415_595357671927120_4381462430984221061_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=wc9pMeO2GSQAX9mj8Vw&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-OIIeb053B4OWzJ8F35b2zGOrJnLy8DbXjsS3jZ-p7Bg&oe=62D4A1BD
403 Forbidden 21 B URL HTTP/2 scontent-frx5-1.cdninstagram.com/v/t51.29350-15/284183415_595357671927120_4381462430984221061_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=wc9pMeO2GSQAX9mj8Vw&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-OIIeb053B4OWzJ8F35b2zGOrJnLy8DbXjsS3jZ-p7Bg&oe=62D4A1BD
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/284183415_595357671927120_4381462430984221061_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=wc9pMeO2GSQAX9mj8Vw&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-OIIeb053B4OWzJ8F35b2zGOrJnLy8DbXjsS3jZ-p7Bg&oe=62D4A1BD HTTP/1.1
Host: scontent-frx5-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcK2BYdHQIx5iyYEbuj8IUxCNtUjwq6Btr7H_SVMhVOAuLB1WUbZltWBFzZY1ND9H6cpaQnTSEv5quB1"; e_fb_vipaddr="AcLZCEcxbGB99dVr-QZ4B_Ih1BsVCj4lBJSUw8SeSnPuXikVKOurP6RoQ3rRB-e4A_whpYJ5Dg"; e_fb_builduser="AcJNrct2kuDZNQlo_fqvb5xmrbwCrn6qmL2-JNfOnSrfcWriR4dkooGR9AH67TxvpN8"; e_fb_binaryversion="AcJy0JWm8vqECAFUwStgQwnbp85TI0ZLtkUM7PCHtpd2idjC4NKVHthmlclt__15zblz6rd2EKoexD0FpKPIOYdeZzqVM_yWSVo"; e_proxy="AcKz393C99kmiijT5Bjd-y3hwPkq00xeQxA1fFP29iv0y9W2ZqO4ZS3kck67xVEdaWKx8NktFFqIasfM"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 780166575
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/280653631_975763013142143_3481063350720827861_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ENpYiRo2fa4AX8UkmHk&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-0JX7m-fSCeogjhO8xA5d73Tz-YnBn3-QeZ2OqM_FN1A&oe=62D3DE35
403 Forbidden 21 B URL HTTP/2 scontent-frt3-1.cdninstagram.com/v/t51.29350-15/280653631_975763013142143_3481063350720827861_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ENpYiRo2fa4AX8UkmHk&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-0JX7m-fSCeogjhO8xA5d73Tz-YnBn3-QeZ2OqM_FN1A&oe=62D3DE35
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/280653631_975763013142143_3481063350720827861_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=ENpYiRo2fa4AX8UkmHk&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-0JX7m-fSCeogjhO8xA5d73Tz-YnBn3-QeZ2OqM_FN1A&oe=62D3DE35 HTTP/1.1
Host: scontent-frt3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcKuUV7ur9eyBYdOhemrXy2Bq2LcQOOTNtKKDj6AO3vP_qgbYv0P5kRlETufDeje9K2ygx_QQ36_kA6L"; e_fb_vipaddr="AcINyA2JvXL6sDIJg5tny4ki1nmlyFu9wubUQGIeHoo_G7rRnBSdMgeWI1WTlklSQrh5Jys"; e_fb_builduser="AcJv_UUPMHIxdHmrSbjxi94jAZQv8eZZ6bIv6VRjLKbK-jstVgYPQ7mcyI8Auo9FkWc"; e_fb_binaryversion="AcJJj2-rSC6gztKh7S1mOJqyruDFKRIW73H3qRQGMuCcj179l2bUc-6GWqujoFi4nPL24oXW4dAKD4hB4lLJqXxgi27pWqGf3Gk"; e_proxy="AcJK_p6s49tQFIpNYlCFKYzfT_JgTfSH-N3kwdZLv7UwR9f2P82W3nziW3syQpIrGxFIS9gQKccqAGQ"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 1425083115
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/280682085_717481226235722_1916059941673834698_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=aG62VWtwwpUAX-2wR6q&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-yQxjzVX3qiMmZIgR924ObJm_B2pJmiiR4pvc7VuX12A&oe=62D4BC4A
403 Forbidden 21 B URL HTTP/2 scontent-frx5-1.cdninstagram.com/v/t51.29350-15/280682085_717481226235722_1916059941673834698_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=aG62VWtwwpUAX-2wR6q&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-yQxjzVX3qiMmZIgR924ObJm_B2pJmiiR4pvc7VuX12A&oe=62D4BC4A
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/280682085_717481226235722_1916059941673834698_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=aG62VWtwwpUAX-2wR6q&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-yQxjzVX3qiMmZIgR924ObJm_B2pJmiiR4pvc7VuX12A&oe=62D4BC4A HTTP/1.1
Host: scontent-frx5-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcKa7smcOguiQIIvL81_iLIkpzemwyXmrjrSDetWLhDHbsyvuSqkqTPa9NyUsqtTQJwbSi4cmKbwb-T8"; e_fb_vipaddr="AcK8EUsjhJUDL5p8qQ1DzMddnzgp4cdsBlwNH2T3oUGSe7d0iV4zqpM-wq9Qz_6YUoV6SlV1gA"; e_fb_builduser="AcLzW6BuYmkFmnhrwFt_bXO4ptSQdcqQv-gbmruE_5Bd_u-gGdi9U2o_3ZgPACEOcbo"; e_fb_binaryversion="AcIof9qLwr9yCpi6q3w81yx8hUFgBIHI0YPegrmZL8r8pK9xbUX2Dsio6eaJF8PGxmkYI78_7b4s2fY8jxql5Ouz64MAXnWHGBI"; e_proxy="AcIJSVKm4KcxBAS7seRLof7GQD5Vp2d0FUC5SPLe4hX0YTgA2WKLc-GWjJNzLqMvsLr30y6AXE6HrQeT"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 780166575
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/285166080_2239406546211535_7442947700421235018_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=zJCdT0gnI6wAX-nKTI_&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT8PTMWDm3ci9Nkxrl93-RW-EsIpYNqUeC7lBE0chNJnYA&oe=62D31FDE
403 Forbidden 21 B URL HTTP/2 scontent-frt3-1.cdninstagram.com/v/t51.29350-15/285166080_2239406546211535_7442947700421235018_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=zJCdT0gnI6wAX-nKTI_&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT8PTMWDm3ci9Nkxrl93-RW-EsIpYNqUeC7lBE0chNJnYA&oe=62D31FDE
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/285166080_2239406546211535_7442947700421235018_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=zJCdT0gnI6wAX-nKTI_&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT8PTMWDm3ci9Nkxrl93-RW-EsIpYNqUeC7lBE0chNJnYA&oe=62D31FDE HTTP/1.1
Host: scontent-frt3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcJjItX1zzp4EItSneSlS20fWX_Y0ieOgqyBgWG25VXYlwTtXnNLdVHsuhuHz4Snowu0x83dlkVpcJqf"; e_fb_vipaddr="AcKf0TFtK3LxO3iIt8w7klbEDJsM0tY-WlhoE0J7CFqTb8WGgrCk8A7-1ET8iJP4GjeukJE"; e_fb_builduser="AcL98W6gQsId--Ry4WrVYHhsLrVpaVy3sRl_9MuG9CaSr0wAeBwsWSYnWyqy3TOBjnU"; e_fb_binaryversion="AcL1HFC0kcU_4j2HgXQO7Lk07ORXZHrGEEg3KFIHs854haYBzRIjQqFM4RHIMoqvNuZ2LH-T57DnoNGGT9E-yf_mfpEBD9ul7oI"; e_proxy="AcI59Yc5_-ms0RpjBn_6jZcr6xNXiDDwsFFLLMAqa-SDLEtux2UewVYwwe4KJDU9GmFzZ_9iy1sfwJQ"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 1425083115
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sweetcaramel.pt/favicon/android-icon-192x192.png
200 OK 11 kB URL HTTP/1.1 sweetcaramel.pt/favicon/android-icon-192x192.png
IP
ASN #203461 Register S.p.A.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 26257abd8ac19c19789d1ea10e94b192
8217eb6be1469efd31e2e61935da101185833b90
cb3d00bf9e0806aacf59357354309d93341508b73fc21c08433146a761877c07
GET /favicon/android-icon-192x192.png HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:36 GMT
ETag: "e81758-2c96-5de17b34006ae"
Accept-Ranges: bytes
Content-Length: 11414
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/png
sweetcaramel.pt/favicon/favicon-16x16.png
200 OK 1.7 kB URL HTTP/1.1 sweetcaramel.pt/favicon/favicon-16x16.png
IP
ASN #203461 Register S.p.A.
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash deb4255896443f9e2984c9c8528ca068
7ba1b9b7690540966ce721d6dcb3964748e94243
590e783c68d38feaf2a7f7b2cdf2bbbbf29ca06952f3bb2c639d651a117b5769
GET /favicon/favicon-16x16.png HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:38 GMT
ETag: "e81769-683-5de17b358bee6"
Accept-Ranges: bytes
Content-Length: 1667
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/png
sweetcaramel.pt/js/jqBootstrapValidation.js
200 OK 21 B URL HTTP/1.1 sweetcaramel.pt/js/jqBootstrapValidation.js
IP
ASN #203461 Register S.p.A.
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
Analyzer Verdict Alert fortinet Malware
GET /js/jqBootstrapValidation.js HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:57:26 GMT
ETag: "e8173d-8d46-5de17b2abb17a"
Accept-Ranges: bytes
Content-Length: 36166
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: application/javascript
scontent-frt3-1.cdninstagram.com/v/t51.29350-15/280764028_287476683595985_3426073269550843589_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=cwebT0CF24YAX8HI9r6&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_U_nMOdrVyJvisTy8eBdjhQ2O17ZmxjaVUWv79CdSCgQ&oe=62D42C64
403 Forbidden 21 B URL HTTP/2 scontent-frt3-1.cdninstagram.com/v/t51.29350-15/280764028_287476683595985_3426073269550843589_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=cwebT0CF24YAX8HI9r6&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_U_nMOdrVyJvisTy8eBdjhQ2O17ZmxjaVUWv79CdSCgQ&oe=62D42C64
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/280764028_287476683595985_3426073269550843589_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=cwebT0CF24YAX8HI9r6&_nc_ht=scontent-frt3-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_U_nMOdrVyJvisTy8eBdjhQ2O17ZmxjaVUWv79CdSCgQ&oe=62D42C64 HTTP/1.1
Host: scontent-frt3-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcIYW32P79G8LNHFyCc_B4BXxyMyG1cqaRmc2kotxVnAyL-GFKlT_9u68sogQJAsX9uSB390EdeKLv2L"; e_fb_vipaddr="AcIn-sabmY9HZKURcpwJp8rT4MahU1NfkG0l6yK7SrgdhnTmkuTldYDT3nq5cQMlVV0dTa8"; e_fb_builduser="AcJBecbfhL5FbI4ihtHiXAUIuJDnQu9e5z3AW4ndenYxO3HUpkIdtoHWzl0q4Xj7JF0"; e_fb_binaryversion="AcJKyKyxQUn_kk_cmoAdNXgA7RznIdc1678OHgxjpkiRV4A5Xi7MiSVweEQgyeRsQwCxaaUH1gZ7APmekV9pNCHB5-N4O7N-A2U"; e_proxy="AcJOyx9JhpdEndis3LtfAJ1vMJs1Jq1FTqXQCK2giOAWQP5Y9GZh5WxyM63O_dtFIP4sksfUnpF0CRk"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 1425083115
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frx5-1.cdninstagram.com/v/t51.29350-15/284694778_1683659911987813_1201670481740946901_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=OnIELDWovg8AX-_DIMD&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_vZdMch045Qqvt7GJBk5UsGMlBd7J-hhXfUZW5gKnPPw&oe=62D36CF5
403 Forbidden 21 B URL HTTP/2 scontent-frx5-1.cdninstagram.com/v/t51.29350-15/284694778_1683659911987813_1201670481740946901_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=OnIELDWovg8AX-_DIMD&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_vZdMch045Qqvt7GJBk5UsGMlBd7J-hhXfUZW5gKnPPw&oe=62D36CF5
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/284694778_1683659911987813_1201670481740946901_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=OnIELDWovg8AX-_DIMD&_nc_ht=scontent-frx5-1.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT_vZdMch045Qqvt7GJBk5UsGMlBd7J-hhXfUZW5gKnPPw&oe=62D36CF5 HTTP/1.1
Host: scontent-frx5-1.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcINRXfr2oIabR-sGnOyuo8Z3mjZVcV0CfpTo5uhVsJqvfsc0JTqOMKY17_TS0-bT9nL88rYtGEVK3mh"; e_fb_vipaddr="AcK7Z3TtZsAQ6ngB7Lg44cTXCgnPfPETj4VzogOrkKnjZN52PMt_kgo9_lDtsT-jcEzHXWdrsg"; e_fb_builduser="AcJlU9AVDnrpLQTIeT9aAfAMt7iIxvQphhmy3cP6mSCKHGkOk-Qjz7Pi3M_eyJclCnI"; e_fb_binaryversion="AcL1WtulPy0KHaaUQJyL29fi3FSzvQ2ijFz62CfSQVlfyAWg15Jzg9k7SpkICis5Evickh2BdOovJBwByziJbVTlwRDMtO3wAew"; e_proxy="AcKQQDyKKwPyhSpKVXg1V7JZclVDlCrkNxwEw12Q1jEw1PoGDGs82HsHPgAvsWgEaYoU6YuO0LhpdK8C"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 780166575
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-frt3-2.cdninstagram.com/v/t51.29350-15/281005889_1516998862090520_7285427324819657626_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=KhW2KfOz5g0AX_A_E8c&_nc_ht=scontent-frt3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-G1YOMaceOWllUsiQGin3Zs5lHyBkHh3gTb7XEjyMLTg&oe=62D46948
403 Forbidden 21 B URL HTTP/2 scontent-frt3-2.cdninstagram.com/v/t51.29350-15/281005889_1516998862090520_7285427324819657626_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=KhW2KfOz5g0AX_A_E8c&_nc_ht=scontent-frt3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-G1YOMaceOWllUsiQGin3Zs5lHyBkHh3gTb7XEjyMLTg&oe=62D46948
IP
File type ASCII text, with no line terminators
Hash 6da25d09495fcf438ac047a93b6d55db
3c47de0b8adaca2b257f236519fa5c5cdd6f01ab
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
GET /v/t51.29350-15/281005889_1516998862090520_7285427324819657626_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=KhW2KfOz5g0AX_A_E8c&_nc_ht=scontent-frt3-2.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-G1YOMaceOWllUsiQGin3Zs5lHyBkHh3gTb7XEjyMLTg&oe=62D46948 HTTP/1.1
Host: scontent-frt3-2.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.lightwidget.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
proxy-status: http_request_error; e_clientaddr="AcL9QNYknKk6uIZ2HWlauOGg0NpH14TCTQPI4Rtt7DjtqNsa-A1ENFnlNjJxlNvFN66VWj-Egw9Wg39V"; e_fb_vipaddr="AcK2xAI91hBYoUrObCev_DHNk1JbTWlnVIRDZ7FigIoYkpIKMOBuL5i4ggzOCkWCZ5JFagzbvQ"; e_fb_builduser="AcIhT3-VTVIdKTljmMKiNAJk9eE5_H32sliE-wGIHz_qeEomT4MS1V21OibuOp9UUPU"; e_fb_binaryversion="AcL2LXbUHe8yf4dpmXMjZkThJ_I4b2g0EXmosU2kQaaLsmC_0_tsUDG1Kxo7e7kertyy5PmgDG3bU214wB3vk2woCKdl5Kb2b54"; e_proxy="AcIRzuSykcOl7XINb2yBdPMBcmh3cqBmR3-yPtQYKSxPnvn-SGn1JldflcjUbk5YflF-vDs9sJkWR3M"
content-type: text/plain
content-length: 21
server: proxygen-bolt
x-fb-trip-id: 1425083115
date: Tue, 27 Sep 2022 13:52:48 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 12:41:09 GMT
expires: Tue, 27 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 4299
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:24:56 GMT
expires: Mon, 25 Sep 2023 18:24:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 156472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3823
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
sweetcaramel.pt/img/slide14.jpg
200 OK 370 kB URL HTTP/1.1 sweetcaramel.pt/img/slide14.jpg
IP
ASN #203461 Register S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x900, components 3\012- data
Size 370 kB (370505 bytes)
Hash c2ee98f058e1ebbd1a4b8b0e78e24f5e
9dfe99a3f3e3b2541be97507b302c0b0530eca11
fb00cb925c792088dcd3edd10e8a5688b9701e5969c310d8c46fcdae5ccc51b1
GET /img/slide14.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:02 GMT
ETag: "e81788-5a749-5de17b4cf56d0"
Accept-Ranges: bytes
Content-Length: 370505
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/j/collect?v=1&_v=j97&a=699924449&t=pageview&_s=1&dl=https%3A%2F%2Fsweetcaramel.pt%2F&ul=en-us&de=UTF-8&dt=Sweet%20Caramel%20%7C%20Festas%20com%20Amor%20e%20Personalidade&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1222195696&gjid=1089350403&cid=45990334.1664286767&tid=UA-129779740-1&_gid=1167372628.1664286767&_r=1>m=2ou9q0&z=117216750
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=699924449&t=pageview&_s=1&dl=https%3A%2F%2Fsweetcaramel.pt%2F&ul=en-us&de=UTF-8&dt=Sweet%20Caramel%20%7C%20Festas%20com%20Amor%20e%20Personalidade&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1222195696&gjid=1089350403&cid=45990334.1664286767&tid=UA-129779740-1&_gid=1167372628.1664286767&_r=1>m=2ou9q0&z=117216750
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&a=699924449&t=pageview&_s=1&dl=https%3A%2F%2Fsweetcaramel.pt%2F&ul=en-us&de=UTF-8&dt=Sweet%20Caramel%20%7C%20Festas%20com%20Amor%20e%20Personalidade&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1222195696&gjid=1089350403&cid=45990334.1664286767&tid=UA-129779740-1&_gid=1167372628.1664286767&_r=1>m=2ou9q0&z=117216750 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sweetcaramel.pt
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://sweetcaramel.pt
date: Tue, 27 Sep 2022 13:52:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:52:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X2xDHMpAWzU1cXe357AmGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iHSk7hgjeB5xtkVrQ1Avuz2i+yc=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f67e5c0a30bf39343e23e786db7da01e
95511b1a03384a470f51ec0232ff78faa099d359
ffbcbd6fe9d4bf72d9a017250fb5006ea755adaefd851a2d7ce6470cb757048d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FFBCBD6FE9D4BF72D9A017250FB5006EA755ADAEFD851A2D7CE6470CB757048D"
Last-Modified: Tue, 27 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Tue, 27 Sep 2022 19:52:18 GMT
Date: Tue, 27 Sep 2022 13:52:49 GMT
Connection: keep-alive
www.fixando.pt/widget/?p=dd6b71dbcfcd1f056e2c4412a444787a&b=l_r_d
200 OK 370 B URL HTTP/1.1 www.fixando.pt/widget/?p=dd6b71dbcfcd1f056e2c4412a444787a&b=l_r_d
IP
File type JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Hash 066f761fce906113dcdc938e708206e2
a91118796a9b6714665485658c4ca4e1f2b4b5dd
e5f0cb1e05b4a7da911e19dba20644daaae13cff230236c49ffeb5469f7fde48
GET /widget/?p=dd6b71dbcfcd1f056e2c4412a444787a&b=l_r_d HTTP/1.1
Host: www.fixando.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sweetcaramel.pt
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 13:52:49 GMT
Content-Type: application/json
Content-Length: 370
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: FIXANDO=ca93aceac5e551e8ca77b947273bfb98; path=/; domain=.fixando.pt; secure; HttpOnly; SameSite=lax
FIXANDO=ca93aceac5e551e8ca77b947273bfb98; expires=Fri, 30-Sep-2022 13:52:49 GMT; Max-Age=259200; path=/; domain=fixando.pt; secure; HttpOnly; SameSite=lax
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Upgrade: h2,h2c
Vary: Accept-Encoding,Origin
Content-Encoding: br
Access-Control-Allow-Origin: *, *
X-Frame-Options: sameorigin, SAMEORIGIN
X-Content-Type-Options: nosniff, nosniff
X-XSS-Protection: 1; mode=block, 1; mode=block
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18536
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 13:52:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18536
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 13:52:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18536
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 13:52:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18536
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 13:52:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 58203
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 57650
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62ece01d7e0036711832df5a25175b3b
c80d9ce02eeaa7b0166a696e811d2cffde4997d0
8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5cPZZOqAPyLdASSDpGDdne0bUt_SswKXMjufitPEjmp6tG5XtYz5Ag==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:05:59 GMT
age: 56811
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.lightwidget.com/widgets/f1bb881bedf65564877eacae0fbd5c09.html
200 OK 20 kB URL HTTP/2 cdn.lightwidget.com/widgets/f1bb881bedf65564877eacae0fbd5c09.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (52686), with no line terminators
Hash 08f20c3c02b8a7607e5bda10b3eed582
86a732cc17b0d88aa2b0ce8bd3b56687931e2ba4
4b33d99a361c39d8cd6885c785ac04c4c315de6f855996c80ec39e0304292b68
GET /widgets/f1bb881bedf65564877eacae0fbd5c09.html HTTP/1.1
Host: cdn.lightwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 13:52:48 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 13 Jul 2022 15:06:04 GMT
cache-control: max-age=1800
cf-cache-status: MISS
server: cloudflare
cf-ray: 7514b8cd2d091c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 44818
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 46015
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sweetcaramel.pt/img/slide4.jpg
200 OK 0 B URL HTTP/1.1 sweetcaramel.pt/img/slide4.jpg
IP
ASN #203461 Register S.p.A.
GET /img/slide4.jpg HTTP/1.1
Host: sweetcaramel.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 13:52:48 GMT
Server: Apache
Last-Modified: Tue, 03 May 2022 08:58:00 GMT
ETag: "e8177d-49934-5de17b4a8bbdc"
Accept-Ranges: bytes
Content-Length: 301364
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: image/jpeg
cdn.lightwidget.com/widgets/lightwidget.js
200 OK 0 B URL HTTP/2 cdn.lightwidget.com/widgets/lightwidget.js
IP
GET /widgets/lightwidget.js HTTP/1.1
Host: cdn.lightwidget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweetcaramel.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 13:52:48 GMT
content-type: application/javascript
cf-bgj: minify
access-control-allow-origin: *
etag: W/"6273f709-301"
last-modified: Thu, 05 May 2022 16:10:49 GMT
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=1382400
cf-cache-status: HIT
age: 6691
server: cloudflare
cf-ray: 7514b8ccfcc31c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
185.2.4.133
172.67.12.188
185.60.216.52
3.71.208.248
23.36.77.32
93.184.220.29