r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16820
Expires: Sun, 27 Nov 2022 10:07:50 GMT
Date: Sun, 27 Nov 2022 05:27:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3688
Cache-Control: max-age=108306
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:30 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:32:36 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19912
Expires: Sun, 27 Nov 2022 10:59:22 GMT
Date: Sun, 27 Nov 2022 05:27:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 05:17:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 594
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aoqKMOs7k8udFYr71zwrJor9oNMkoWcU2DYgi/DfkyIzFo/RD0TQu8+OqDFnNKNGRc8YgC7hyiA=
x-amz-request-id: M65XZ2T3PP9GR27J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 04:44:30 GMT
age: 2580
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 05:27:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
142.250.74.168 200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (3707)
Hash a9bcac9a10c573d68be1d8b67a018f17
a54f1ea1750793c68a14c78cb27d3bfba3912562
0c439f38b6b1a656a64ce158d03c29a1b55ac178a814e9c8d05bb4ffea642b6a
GET /gtm.js?id=GTM-N2FTFQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 05:27:30 GMT
expires: Sun, 27 Nov 2022 05:27:30 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 05:11:12 GMT
cache-control: public,max-age=3600
age: 979
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f98346a9bd91171020d31e426e673dcd
4d2556b3920bf136c73225bdc885b43b51e45c7f
81259d10b415a0b3a687a2b926f1f084a5f9282fe12fc21421dc3b54b3baca4d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98231
Date: Sun, 27 Nov 2022 05:27:31 GMT
Etag: "6381ca89-1d7"
Expires: Mon, 28 Nov 2022 08:44:42 GMT
Last-Modified: Sat, 26 Nov 2022 08:12:57 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 112Ic41zUm23_nmeKeaEs63u3lSJubEn6A6eHsvotHSQllUwtODlWQ==
Age: 1905
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4920
Cache-Control: max-age=104480
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:28:51 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
52.67.179.114 200 OK 9.2 kB URL HTTP/1.1 cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
IP 52.67.179.114:0
File type ASCII text, with very long lines (22651), with no line terminators
Hash bb462b00b14c20c1058237a188f4033b
6cb3f0724e5b750d6d1ae92518a9126314368e7b
ff1a4463eadc1c7e0bce4edd7635a026f7106130efd1c27bd4bb8af6104edf08
GET /df/tag.js?id=PM-N2FTFQ HTTP/1.1
Host: cdn.pmweb.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=300
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 05:27:31 GMT
ETag: W/"6377e3e9-587b"
Expires: Sun, 27 Nov 2022 05:32:31 GMT
Last-Modified: Fri, 18 Nov 2022 19:58:33 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
Content-Length: 9197
Connection: keep-alive
push.services.mozilla.com/
54.148.69.31 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /KGP34yhsGyrkE47PsRWHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: StlDwCQoNcMnkd+MqzrD5UdY8m8=
20.226.53.216/
20.226.53.216 200 OK 701 kB IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (667), with CRLF line terminators
Size 701 kB (700553 bytes)
Hash 2cf00e64c65926c31893e24f8aa5e2ae
0bdbe2048337105fc04479769615b8e497b2f134
6e08436e569d4b92157849206619c6a0a8b39b76e18c33f8463d7a1670c625a3
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET / HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:28 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
X-Powered-By: PHP/8.1.12
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5908
Cache-Control: max-age=146164
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 22:03:35 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5908
Cache-Control: max-age=146164
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 22:03:35 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js
104.17.25.14 200 OK 3.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (551)
Hash 5f345b49c5cccdac9d92d226c63c0848
51daf502544cba68c3b260b80782818edc3509b7
d783ef3c478b98da6c706b71289143dbe1546b59ab498eafc8011c535312c92f
GET /ajax/libs/jquery.mask/1.14.11/jquery.mask.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 05:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 2995
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-1f33"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2626396
expires: Fri, 17 Nov 2023 05:27:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPQShiZ4nhrTsroEeOgcZ5%2Fy3yVjLE63vCYU0p%2FJx63VH1Z4bES12l2Wn6fUB9eMTEpY88hI98csxuaP5WosINkBGDFTzZE5Vg1h8sJqy2vr09JhyaZwL%2FkC3j1w4ifJq8vOVMMQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 770874869bf81c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
104.17.25.14 200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 05:27:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 344693
expires: Fri, 17 Nov 2023 05:27:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vrm2Rrgnjss1Wj5m3IBbcDywxEVGxWftQjFRiA2eX18cWpbyitDTIOEe60TKyRx64MvcoD5yjTqgpG5dgYRFaua2nolSog3jYatJYrLR%2FeRMDoqJcM2%2BCC9nScxs%2BF3IOjU8zX8c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 770874869bf91c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5908
Cache-Control: max-age=146164
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 22:03:35 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
142.250.74.164 200 OK 577 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
IP 142.250.74.164:0
File type ASCII text, with very long lines (913), with no line terminators
Hash 005929da9f22f756ea2bd78526497f2a
2a262d716efa1927c47e31cf92f8697fb84090cb
c47463081d9f06af183c72d0362262802f3860cb4504a47643cd3c27a70493ed
GET /recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 27 Nov 2022 05:27:31 GMT
date: Sun, 27 Nov 2022 05:27:31 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 577
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
142.250.74.164 200 OK 23 kB URL HTTP/2 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35920)
Hash 585cf234838ee93ddd1d614b669f741f
6cd8789a1d066aad3bf4abdf2f0fa08f7a91c59a
9d9d11554b03c4db22be15ca6a081557438803f723b666840e7c1fd9c2e605e3
GET /recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&badge=inline&cb=w8nbvdy4oe3d HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 27 Nov 2022 05:27:31 GMT
content-security-policy: script-src 'nonce-FqHwhA5KTHbE38v616zJzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 23287
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
20.226.53.216/cartoes-renner/fonts/Roboto-Regular.woff2
20.226.53.216 404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Regular.woff2
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Regular.woff2 HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528650409|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:29 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Bold.woff2
20.226.53.216 404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Bold.woff2
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Bold.woff2 HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528650409|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:29 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
142.250.74.163404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 2bcfb6dcc238a9318d881634b323949c
3f8e3147f383aafb815bf61b54d567d26923de94
88f8e2b0e7d741f0dc9675d5f2ddafbec5aab1ccffac36539d5098197f3e5b86
GET /recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 05:27:31 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 05:27:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.226.53.216/cartoes-renner/fonts/Roboto-Light.woff2
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Light.woff2
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Light.woff2 HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528650409|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/vectors/bg-login.svg
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/vectors/bg-login.svg
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/vectors/bg-login.svg HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651535|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Black.woff2
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Black.woff2
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Black.woff2 HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528650409|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Bold.woff
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Bold.woff
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Bold.woff HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651535|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/vectors/whatsapp.svg
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/vectors/whatsapp.svg
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/vectors/whatsapp.svg HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651535|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Regular.woff
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Regular.woff
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Regular.woff HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651535|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Light.woff
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Light.woff
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Light.woff HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Black.woff
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Black.woff
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Black.woff HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Bold.ttf
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Bold.ttf
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Bold.ttf HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash ff285a79bdf667c349ed6c8d3b5b42e7
2ba46936b43f4c3494118321fee2a20c24be95a9
63908495f5bede4a429649c289db328d9529769b175e3ecbaf17e1719100586a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140666
Date: Sun, 27 Nov 2022 05:27:32 GMT
Etag: "63826efd-1d7"
Expires: Mon, 28 Nov 2022 20:31:58 GMT
Last-Modified: Sat, 26 Nov 2022 19:54:37 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NzURv7Nd5KHevRiV1dckZZN5jd8mjWdJ27yxBP4khIajhLDSoeRFOg==
Age: 2241
20.226.53.216/cartoes-renner/fonts/Roboto-Regular.ttf
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Regular.ttf
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Regular.ttf HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
142.250.74.163404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b35bf41523a1b108c2e5489a200c43ef
c4c50b01ef2b5bcabd088fb5b9faaca457501539
0f9046a19a383093b46afd95f765da649aef27e968bd9e2fb490ea95570087ec
GET /recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__pt_br.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 05:27:32 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
20.226.53.216/cartoes-renner/fonts/Roboto-Light.ttf
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Light.ttf
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Light.ttf HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/fonts/Roboto-Black.ttf
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/fonts/Roboto-Black.ttf
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Black.ttf HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:30 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e594ded3beca5ba27e2bdbf5212ffc4e
4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd
5d148cee2b0d55e7bc88dcaec88a0b98cbce9bbbae867464f9b1f85861aa1f21
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 00:18:34 GMT
Expires: Sat, 03 Dec 2022 00:18:33 GMT
Etag: "4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd"
Cache-Control: max-age=499260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7708748ae855b4f9-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e594ded3beca5ba27e2bdbf5212ffc4e
4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd
5d148cee2b0d55e7bc88dcaec88a0b98cbce9bbbae867464f9b1f85861aa1f21
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 00:18:34 GMT
Expires: Sat, 03 Dec 2022 00:18:33 GMT
Etag: "4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd"
Cache-Control: max-age=499260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7708748aedac0b65-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e594ded3beca5ba27e2bdbf5212ffc4e
4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd
5d148cee2b0d55e7bc88dcaec88a0b98cbce9bbbae867464f9b1f85861aa1f21
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 00:18:34 GMT
Expires: Sat, 03 Dec 2022 00:18:33 GMT
Etag: "4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd"
Cache-Control: max-age=499260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7708748accddb4f3-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e594ded3beca5ba27e2bdbf5212ffc4e
4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd
5d148cee2b0d55e7bc88dcaec88a0b98cbce9bbbae867464f9b1f85861aa1f21
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 00:18:34 GMT
Expires: Sat, 03 Dec 2022 00:18:33 GMT
Etag: "4c643cd4d678b9dd6c6bfa47bb1865cdd8821fdd"
Cache-Control: max-age=499260,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7708748acc47b517-OSL
s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
52.95.164.34200 OK 0 B URL HTTP/1.1 s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
IP 52.95.164.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frame-image-br/bg.png?x-id=real&x-r= HTTP/1.1
Host: s3-sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SceBWPeoCs59N/sgo6YhYEUEMN3oyqJfudtYt8FVGspex4gAX0h/Rx+vqbKcnSNTa1dfqC/Fnjg=
x-amz-request-id: 7HPAA8KNXY947YSR
Date: Sun, 27 Nov 2022 05:27:33 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 05:27:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 05:27:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 05:27:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 05:27:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 05:27:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa0bb072-3065-47f5-88ac-e3977adf0cba.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa0bb072-3065-47f5-88ac-e3977adf0cba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7d70dfcfffed4941f9766906c52776c
cd268c0301ee9ec2de1aaaf5fff3efede4973916
024dcb67aca1c6491ca045b1384b623ff934362b77bac2916ad2744e5c6c4bd2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa0bb072-3065-47f5-88ac-e3977adf0cba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3532
x-amzn-requestid: 12f95833-5aca-4633-8eac-011f194953ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJWisFi5IAMFgCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806add-77d024405c7fe57124c4ae1c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:12:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1S-sQFrW2Vf798xP9uxi0MXQoSQFN_hcvhapGyVo1TJRwkOvnS9Slg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:29:33 GMT
age: 79079
etag: "cd268c0301ee9ec2de1aaaf5fff3efede4973916"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 27355
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183848d2-b6cc-4349-b07a-3fd8540a63e2.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183848d2-b6cc-4349-b07a-3fd8540a63e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9de86e0161ef1255306ddfce1c2549d7
f77ff5378766c6b14125de0e003b21f34726672b
7db14b31e7e2d882eb446bd6056ad9e8eed6e1581837a6d54d2e0d26aa2600bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183848d2-b6cc-4349-b07a-3fd8540a63e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4023
x-amzn-requestid: e9fe84db-d488-4ec7-81e6-c819bb625944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b44BuHsmIAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d3a4-54fbd7892170110e4bafc899;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GYi18tS1H9gOh6y9rQGwRx9VANq4dYJ_vJIpMD0kWIXFVNSif-sxXA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:05:29 GMT
age: 26523
etag: "f77ff5378766c6b14125de0e003b21f34726672b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:41:41 GMT
age: 45951
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc51742200b699c93a6ede66c7997d2a
1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6
a7cc50883ac1a59fc14f0467551dec16cef3b033df599b23916427c5e42be1aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8145
x-amzn-requestid: ff37a7a0-ac51-4629-bb45-8983c4bcdd96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFFCuFL4oAMFpRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb544-7644e0183e2abc225f5e0938;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0oFg5UqP5KArhT2955eVqJsGhcnVoe7Je9nf6yTA7BLSsMVT2mXXUA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:26:21 GMT
age: 32471
etag: "1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 116eb5028a206e55f758f3e34887c87e
10577d9fc19028a0e0303634ec16ad8b2d41fa7a
d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQEJS9-L2M6WJ5nqH7C7MqIv96GDNUexqw60hbX_3z8wxv8bp0ARwQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 17:52:17 GMT
age: 41715
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge-reverse.svg
200.248.113.245200 OK 4.1 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge-reverse.svg
IP 200.248.113.245:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10788)
Hash 7b19842be289959083f32598c7a28948
cf017a80268641be5d07e92752bf8d9810e9784a
fcdcdc5d4255b28025c96a0a5cebf4c63d6f76dd51b0dbe2ba5e34d080257d21
GET /cartoes-renner/vectors/google-play-badge-reverse.svg HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c2467-2a25"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1435641198"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_12_sn_48DD64B1EBA9BF5C4B98259315D46114_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_0; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!9kok3jOG1kp/EuIwvU4xC4Cc5ENYpeSd9eTHOOf1RDNtqfhCjYrun/wb2o87ln/hbLKRGSo/o6oREgs=; path=/
TS0129a473=01c0c86495646cfc85bd7992f3f4acd57ad1cd8a95173eabbfcb8e656697e07c39a7fc7a6a8c5176c8330ea625c7dfed03f8da2113; Path=/
TS01fa365e=01c0c86495646cfc85bd7992f3f4acd57ad1cd8a95173eabbfcb8e656697e07c39a7fc7a6a8c5176c8330ea625c7dfed03f8da2113; path=/; domain=.realizesolucoesfinanceiras.com.br
Transfer-Encoding: chunked
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/app-store-badge.svg
200.248.113.245200 OK 3.2 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/app-store-badge.svg
IP 200.248.113.245:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (14261)
Hash 668f84fa44206efd24ee39cc62335448
2e30dbcadf25bb30cd215c730697f78bc5cb7169
4c6d88babbcc1b9aa250e2cfcb04d7af282a7e8b093e5ed0bde51fc64b2efead
GET /cartoes-renner/vectors/app-store-badge.svg HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c2467-37b6"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="835277409"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_10_sn_23B096353376299AFB7690D55C40C09A_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_0; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!rONjewPlPb8vy3MwvU4xC4Cc5ENYpcWzR+GLfDRD022tUr8smKGvuDl3IYCLUMbu6O3sWmUrTSSFerg=; path=/
TS0129a473=01c0c864957a5ffaf80c61ce7ec091dab2b35f6ca28c7d852ce80d8a893bd0a60532cea418cafc8189ba6f3c91ce29ac9dde6fdf94; Path=/
TS01fa365e=01c0c864957a5ffaf80c61ce7ec091dab2b35f6ca28c7d852ce80d8a893bd0a60532cea418cafc8189ba6f3c91ce29ac9dde6fdf94; path=/; domain=.realizesolucoesfinanceiras.com.br
Transfer-Encoding: chunked
www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge.svg
200.248.113.245200 OK 4.1 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/vectors/google-play-badge.svg
IP 200.248.113.245:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10785)
Hash 1c129f8fb2eacc18c9fb615f27cd120d
046ac834889efee3a7a7184ef09a1fd76dc9ac6a
234865093b4eebfc55170640bd67c45c09a2d3754ea78196bb14534032aaff76
GET /cartoes-renner/vectors/google-play-badge.svg HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633c2467-2a22"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1974493542"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Set-Cookie: dtCookie=v_4_srv_8_sn_017D41A20A5EC593769A7F1C560AD58F_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_0; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!He5EPFsxnhLdIUcwvU4xC4Cc5ENYpdO5ML0CbU7H3HhYl/vToWHuZtJCMEgV0EOLUl6JDmKbdaioYFM=; path=/
TS0129a473=01c0c86495da68d18598cba6c155680a0a56276781e470bbc83926028c4babbaa8839f0031e408eb65032aed6ac999781a7de00881; Path=/
TS01fa365e=01c0c86495da68d18598cba6c155680a0a56276781e470bbc83926028c4babbaa8839f0031e408eb65032aed6ac999781a7de00881; path=/; domain=.realizesolucoesfinanceiras.com.br
Transfer-Encoding: chunked
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 04:41:08 GMT
expires: Sun, 27 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 2784
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=103686931.1660754357
142.250.74.174200 OK 44 kB URL HTTP/2 www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=103686931.1660754357
IP 142.250.74.174:0
File type ASCII text, with very long lines (1921)
Hash 347b5b353201945488eb88fc03c02060
5dc27a6bf0aa4aebdc164263ff5f2f94cd849857
b9fd4324f597e35aca6dcb5ccbb5efa8c8159eb798f2957377a63134f969c187
GET /gtm/js?id=GTM-W9SBWRL&cid=103686931.1660754357 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 05:27:32 GMT
expires: Sun, 27 Nov 2022 05:27:32 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
20.226.53.216/cartoes-renner/images/lojas-renner.png
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/images/lojas-renner.png
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/images/lojas-renner.png HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:31 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.226.53.216/cartoes-renner/images/favicon.ico
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/images/favicon.ico
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/images/favicon.ico HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h1vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528651682|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:31 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/celular-login.png
200.248.113.245200 OK 155 kB URL HTTP/1.1 www.realizesolucoesfinanceiras.com.br/cartoes-renner/images/celular-login.png
IP 200.248.113.245:0
File type PNG image data, 379 x 485, 8-bit/color RGBA, non-interlaced\012- data
Size 155 kB (155176 bytes)
Hash e624d089f9b2fff768b6b592285a4f12
bef94cbbf3c93e3cc8cc45975065216efc046336
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
GET /cartoes-renner/images/celular-login.png HTTP/1.1
Host: www.realizesolucoesfinanceiras.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 05:27:32 GMT
Content-Type: image/png
Content-Length: 155176
Last-Modified: Tue, 04 Oct 2022 12:17:43 GMT
Connection: keep-alive
ETag: "633c2467-25e28"
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-832567793"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
Set-Cookie: dtCookie=v_4_srv_8_sn_32756DA1996C24055EA36BEA6A45E3CF_perc_100000_ol_0_mul_1_app-3A189e25234ffe70ce_1_rcs-3Acss_0; Path=/; Domain=.realizesolucoesfinanceiras.com.br
LBSessionID=!V5izfPJg8OwRZVcwvU4xC4Cc5ENYpasxePBV60Qjxn32bhULwIQ5av4kdSyVcQlkbEA8GavfJ1f5ZhI=; path=/
TS0129a473=01c0c86495477c311ea0db112dbc1b18d7af6caa482bd47dfb60161dc7ced74a7dbac4cd1b3b1ab0a3ea00a44067683875fd55310c; Path=/
TS01fa365e=01c0c86495477c311ea0db112dbc1b18d7af6caa482bd47dfb60161dc7ced74a7dbac4cd1b3b1ab0a3ea00a44067683875fd55310c; path=/; domain=.realizesolucoesfinanceiras.com.br
20.226.53.216/cartoes-renner/vectors/bg-login.svg
20.226.53.216404 Not Found 300 B URL HTTP/1.1 20.226.53.216/cartoes-renner/vectors/bg-login.svg
IP 20.226.53.216:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 171317e04dcad470dc0f6b44d62cdcab
9790f27cc06322fa7b633d009d7aa1593bb52fa8
19331886603a38bc8637f71804d2e8053bbc9168e2f1b79f0ac3421348e5c4d1
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/vectors/bg-login.svg HTTP/1.1
Host: 20.226.53.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.226.53.216/
Cookie: dtCookie=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4; rxVisitor=16695268503996L6ARJ2GDCG0SPIQ9OO9FKVPMVR75F8H; dtPC=-64$326850388_981h-vEMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0e0; rxvt=1669528653448|1669526850402; dtLatC=95; dtSa=-; _pm_id=957001669526851213; _pm_sid=980001669526851214; _ga=GA1.1.1396981856.1669526853; _gid=GA1.1.29160812.1669526853
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 05:27:32 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/8.1.12
Content-Length: 300
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6075e546d945f2c15abd86eaab7686f4
d09ca1be0f7af3a2864361968e30d222c19fb9c8
c2256603c3b7fdfd06aaaeeefd2b0cd9789fe29a2ecccac8b8f6dd0210d937ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 05:27:35 GMT
Last-Modified: Sun, 27 Nov 2022 04:21:56 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tjKsHZdCKSCC7Du0LUiwO1XLxe86H8m80UgJZZWbZmt-9xr9YoLolQ==
Age: 3939
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4&svrid=-64&flavor=cors&vi=EMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0&modifiedSince=1667815146717&rf=http%3A%2F%2F20.226.53.216%2F&bp=3&app=189e25234ffe70ce&crc=4197714571&en=ovxxhecl&end=1
34.192.182.139200 OK 702 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4&svrid=-64&flavor=cors&vi=EMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0&modifiedSince=1667815146717&rf=http%3A%2F%2F20.226.53.216%2F&bp=3&app=189e25234ffe70ce&crc=4197714571&en=ovxxhecl&end=1
IP 34.192.182.139:0
File type ASCII text, with very long lines (702), with no line terminators
Hash 3795e4de1d5fc6aa180060ca80cb866e
b7becb48d389e44fc29cb925507fd75ee4279cc1
554094ffaef09f344398362f1b577243782f8aa0ead53ef704ffac02ff78d0a8
POST /bf?type=js3&sn=v_4_srv_-2D64_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4&svrid=-64&flavor=cors&vi=EMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0&modifiedSince=1667815146717&rf=http%3A%2F%2F20.226.53.216%2F&bp=3&app=189e25234ffe70ce&crc=4197714571&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2971
Origin: http://20.226.53.216
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 05:27:35 GMT
content-type: text/plain;charset=utf-8
content-length: 702
set-cookie: dtCookie=v_4_srv_10_sn_5795A54A488B3264A9F4284E5F05ED14_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: http://20.226.53.216
cache-control: no-cache
X-Firefox-Spdy: h2
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_4_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=4&flavor=cors&vi=EMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0&modifiedSince=1669490973413&rf=http%3A%2F%2F20.226.53.216%2F&bp=3&app=189e25234ffe70ce&crc=4251883987&en=ovxxhecl&end=1
34.192.182.139200 OK 210 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_4_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=4&flavor=cors&vi=EMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0&modifiedSince=1669490973413&rf=http%3A%2F%2F20.226.53.216%2F&bp=3&app=189e25234ffe70ce&crc=4251883987&en=ovxxhecl&end=1
IP 34.192.182.139:0
File type ASCII text, with no line terminators
Hash cb4559660762c220e27cecf9cbacffc4
0e5de53e25338491eeefb34f6e690993bbabb07e
9a6a792f236613f377a43d6556271ebbaf434185761d044c1ccb5e1d8a4e3d4b
POST /bf?type=js3&sn=v_4_srv_4_sn_BVPF8APMF1QBEPFGNTV7CMKIR962S8A4_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=4&flavor=cors&vi=EMCGSRKFNSGVATQPVPSPCGKBRAPUVMJQ-0&modifiedSince=1669490973413&rf=http%3A%2F%2F20.226.53.216%2F&bp=3&app=189e25234ffe70ce&crc=4251883987&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5507
Origin: http://20.226.53.216
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 05:27:37 GMT
content-type: text/plain;charset=utf-8
content-length: 210
set-cookie: dtCookie=v_4_srv_9_sn_CB54C7230CB8EA07698A956BC13471FA_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: http://20.226.53.216
cache-control: no-cache
X-Firefox-Spdy: h2
js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
54.230.111.96200 OK 0 B URL HTTP/2 js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
IP 54.230.111.96:0
GET /jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js HTTP/1.1
Host: js-cdn.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://20.226.53.216
Connection: keep-alive
Referer: http://20.226.53.216/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
date: Sun, 27 Nov 2022 05:09:41 GMT
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-source: Cluster
dynatrace-response-id: OFCZV8OZ21ZE
expires: Sun, 27 Nov 2022 06:09:41 GMT
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _qXkyJlCIvWAnaTNxY6pAguX81lgrFH5ClExSSWfwK-58v4XhkNW2g==
age: 1069
X-Firefox-Spdy: h2