| r3.o.lencr.org/ |  23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe36c852b5e145f2f09fe73111fb162e1 e439c6a462f86a3003d6464a8b9999b1c4d1e210 52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4234
Expires: Thu, 27 Oct 2022 05:31:03 GMT
Date: Thu, 27 Oct 2022 04:20:29 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash45bfdf3b823cd24564c8ac296a8b5b19 b0c442eb4f87556b3beb18ca8039dd4399b73f16 32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6130
Cache-Control: max-age=111163
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:29 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:13:12 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash45bfdf3b823cd24564c8ac296a8b5b19 b0c442eb4f87556b3beb18ca8039dd4399b73f16 32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6143
Cache-Control: max-age=111176
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:29 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:13:25 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8db408c487f7d35bba323046736e8d3a 01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0 9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21103
Expires: Thu, 27 Oct 2022 10:12:12 GMT
Date: Thu, 27 Oct 2022 04:20:29 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain |  34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PFB2yaeuuGYLWHv0WPLt0yXv8dZA4fOfRIHzj9Nl/whG6htarssIBnPYub9lBnC49+GEgRpM/OB6zX16x11zeg==
x-amz-request-id: P6B71QQNTH4JFCXD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 03:39:27 GMT
age: 2462
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 04:20:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashdd283dfc036535bdeb8a8be1310ef930 d3b1c300dd75d7af630e0f3112e49d7492d66c17 578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4194
Cache-Control: max-age=104171
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:30 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:16:41 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.27.12.161 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.27.12.161:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: goPloAFwqM1PqGciXxc+zQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0dEeDBFYnNI14/c/4/TYxXu5WC4=
|
|
| seguro.caixamisteriosa.net/checkout/payment?cart_token=902f412c-5598-11ed-b50e-02f91afe0016-6359e1ee128fd&utm_source=google&utm_campaign=SMS+Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=e485c680-5598-11ed-9afb-95069bf59b6a |  170.82.173.30 | 301 Moved Permanently | 134 B |
URL HTTP/1.1seguro.caixamisteriosa.net/checkout/payment?cart_token=902f412c-5598-11ed-b50e-02f91afe0016-6359e1ee128fd&utm_source=google&utm_campaign=SMS+Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=e485c680-5598-11ed-9afb-95069bf59b6a IP170.82.173.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /checkout/payment?cart_token=902f412c-5598-11ed-b50e-02f91afe0016-6359e1ee128fd&utm_source=google&utm_campaign=SMS+Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=e485c680-5598-11ed-9afb-95069bf59b6a HTTP/1.1
Host: seguro.caixamisteriosa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 27 Oct 2022 04:20:31 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.caixamisteriosa.net:443/checkout/payment?cart_token=902f412c-5598-11ed-b50e-02f91afe0016-6359e1ee128fd&utm_source=google&utm_campaign=SMS+Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=e485c680-5598-11ed-9afb-95069bf59b6a
X-GoCache-CacheStatus: BYPASS
Server: gocache
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash262ee317a7d41424cef3f541f6e538d3 1c298c901f93a95e99bdc63259f415ab84a13783 c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7256
Expires: Thu, 27 Oct 2022 06:21:28 GMT
Date: Thu, 27 Oct 2022 04:20:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash262ee317a7d41424cef3f541f6e538d3 1c298c901f93a95e99bdc63259f415ab84a13783 c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7256
Expires: Thu, 27 Oct 2022 06:21:28 GMT
Date: Thu, 27 Oct 2022 04:20:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash262ee317a7d41424cef3f541f6e538d3 1c298c901f93a95e99bdc63259f415ab84a13783 c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7256
Expires: Thu, 27 Oct 2022 06:21:28 GMT
Date: Thu, 27 Oct 2022 04:20:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash262ee317a7d41424cef3f541f6e538d3 1c298c901f93a95e99bdc63259f415ab84a13783 c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7256
Expires: Thu, 27 Oct 2022 06:21:28 GMT
Date: Thu, 27 Oct 2022 04:20:32 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash36dbf36c45aa3c5d6e10f8c4afd8bf34 bee7e540981a4ffb14728d2ac4a53ce28e299d0d 0dad70dc63e95aa8fd9befdb7dc4f971bad962e300f380dab2a04cc60138374d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9098f868-2119-42f3-92b9-615f0a2c32f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8760
x-amzn-requestid: 013df52a-1abe-4a1b-ac52-9a5ec5da55b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocv2HRMoAMF5mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fe-70e98155664262621b8538b5;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9uDSJn3yAYI7RNgIs96f2AT8nfTgd6YbFkMAc9aJAW4wTMiN_JqhEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:55:31 GMT
etag: "bee7e540981a4ffb14728d2ac4a53ce28e299d0d"
content-type: image/jpeg
age: 23101
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash05e2d92ca05c08e9598d4128d55b1cba 109364ef1db445ba6c5e8c1178ab56fcce80d346 078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 245cd792-64fd-4490-b8f8-5b354fd9b0b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ak4zTELFoAMFyzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63583b48-33a9dfe97f63f43050b4ecdd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 19:38:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bCL523JRD-JUSoK1Hdsk2hLdEp1NXxckJshwO96kQesEZAxdT7YKfg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 10:21:57 GMT
age: 64715
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcd902e06ceaeb060cec24c464c11738d ffdfde08eb38e20b01c550fd4b1bb871304bb0ea 593f5c12c617c7217205d8aa95fe5f0c46014e5be8f2c8d3010cdd876faeb7dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5247
x-amzn-requestid: 7e07eeaa-b95a-4283-8ca7-fb28e9e30258
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRpdhGDJIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508923-4e947c3539ad0d6d777a47cd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:32:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2MCXNwZ3bpXpeSAlOCc2GbIYnv2qJNg2v2h2MWrfBr2OleP6g6kn2A==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:53:36 GMT
age: 23216
etag: "ffdfde08eb38e20b01c550fd4b1bb871304bb0ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4f9f8683351154be3300311e3a7e29e3 4fc868d652910c7dcf4ef0e87531de4ee6007c45 d4f012729e0eddc20948ad98d653794204f80344a5840142877dcaa8d2520a71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa85c6304-6f72-4904-bb25-968b35616ef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7428
x-amzn-requestid: f474225b-1b7e-4e4e-b967-827dff138e2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aioFrH2ioAMF4Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635753bd-140dc30a1ca63aae54cd4621;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 03:10:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uXh_puh8KbSQsJ9E6WnyTjLF_nBhhSOrg4TOx5BugoMM88DOz66jgA==
via: 1.1 78c1c4eb451e4790ed630b0d5a576590.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 04:11:38 GMT
age: 534
etag: "4fc868d652910c7dcf4ef0e87531de4ee6007c45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg | 34.120.237.76 | 200 OK | 5.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashace7660d2948795997e3c7cb9cf12495 fed9b6693077d233f60cc7394c7b667291ffade7 fd4718a6649572cbaf13f46b8e2961cd1c680afa1494b0bacd5fda9010a95098
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedeaf71-ffea-4e66-9a25-1410acdb03ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5136
x-amzn-requestid: 0059b05c-746b-41cd-8cc1-c744d0b149fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoc2-H9sIAMFquA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a82c-772120580c4cf9e45b685971;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fqqRNgPgAZRwp_xRyHC3YzEKQTwydDs45MNLQC7hoRpytCb91-9b5Q==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:42 GMT
age: 23390
etag: "fed9b6693077d233f60cc7394c7b667291ffade7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasheb430e5efbc6c8c306fce87e26faf734 b05b7299a7e473e873510671a6abdd5227a53f46 c49d64e87ec8243a1ee7f214f21988b6f6a33ba93814ec31262d80e4a22b8504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8936
x-amzn-requestid: d0698fc0-e4c9-4633-9b64-df09be35b450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGBlIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7c78a1fc43552b934e6b8708;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gus8UKo03dRkfqPRhxnW6zzqx7o-2tZbbv-DsBSW7UREHPOA1uqdUw==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:53 GMT
age: 23379
etag: "b05b7299a7e473e873510671a6abdd5227a53f46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash0f2ec6054a6b85104092358a8c86f6bf 3afef59ee7c1ce809a78de8890496e019d28a48e 55b26d3e10f3b7b9c16fb6993d94ae040b0c74d2ba45abf3b4d14d5d996ee071
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55B26D3E10F3B7B9C16FB6993D94AE040B0C74D2BA45ABF3B4D14D5D996EE071"
Last-Modified: Tue, 25 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 27 Oct 2022 10:20:32 GMT
Date: Thu, 27 Oct 2022 04:20:32 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash9d1d24b92c1f9297ec2b7358d5286040 4e741824ffe6b2ab34020b575a4a6b9308b91a6a 12d0c25c676a53469b4005d11bbe2ee5b600fcdbc78b606e5cceb17d354456a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169080
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:33 GMT
Etag: "6359f889-117"
Expires: Sat, 29 Oct 2022 03:18:33 GMT
Last-Modified: Thu, 27 Oct 2022 03:18:33 GMT
Server: nginx
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hasha63ea2903767bb46326d85331e42e34e b113b248df6025ed117551b7baa1960316122415 4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashf046e6113dd1e5e499c765516be08b17 c2253055e09b46209469853cad8720e64f84a1bf 18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash6e68d9268f7c6c282264ceeedc69f3ed 7f57bdf680e6eda96e4e39321da869ad5e9e6249 ca1716d80a80d45b5f483a0e3c994bdddf7a1c5fca860747eb317ed8a826d02c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121942
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:33 GMT
Etag: "63594067-118"
Expires: Fri, 28 Oct 2022 14:12:55 GMT
Last-Modified: Wed, 26 Oct 2022 14:12:55 GMT
Server: nginx
Content-Length: 280
|
|
| ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ IP142.250.74.35:0
Hash4d2d59c1c29e0c1291d01610d0bddbce 7247e70707f7bc893ee7b7af0e09eb9075b213d1 dacd02b37679570c364ed146ab0c62b00536ebb5f4cdcf0f3cc9a7f370db1c79
POST /s/gts1d4/T24lFG9LNcQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC | 142.250.74.164 | 200 OK | 585 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC IP142.250.74.164:0
File typeASCII text, with very long lines (884), with no line terminators Hash1c688e8b7ed088521762f89cbd72e218 1583739e93dd4910cac00db5bfa2ad3a2c8856f7 12d5e7dbe1cc3027cb2663e42a4cd5654433c5bf1d4e370dfefb19475ec67f5c
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 27 Oct 2022 04:20:34 GMT
date: Thu, 27 Oct 2022 04:20:34 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| js.upnid.com/v0.js | 130.211.14.112 | 200 OK | 8.3 kB |
IP130.211.14.112:0
File typeUnicode text, UTF-8 text, with very long lines (23050) Hash49fa980f95bb3bbff8b7a2857a727d5d 9e931943f03079522318820948018d78610eaca4 4e295d58275798f67bf7b9c48b8cae16238c9a3dabca082238e7bab8eaa34943
GET /v0.js HTTP/1.1
Host: js.upnid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin
content-encoding: br
via: 1.1 google
content-length: 8310
date: Thu, 27 Oct 2022 02:32:31 GMT
age: 6483
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash9d1d24b92c1f9297ec2b7358d5286040 4e741824ffe6b2ab34020b575a4a6b9308b91a6a 12d0c25c676a53469b4005d11bbe2ee5b600fcdbc78b606e5cceb17d354456a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=169080
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:34 GMT
Etag: "6359f889-117"
Expires: Sat, 29 Oct 2022 03:18:34 GMT
Last-Modified: Thu, 27 Oct 2022 03:18:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashf046e6113dd1e5e499c765516be08b17 c2253055e09b46209469853cad8720e64f84a1bf 18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ IP142.250.74.35:0
Hash4d2d59c1c29e0c1291d01610d0bddbce 7247e70707f7bc893ee7b7af0e09eb9075b213d1 dacd02b37679570c364ed146ab0c62b00536ebb5f4cdcf0f3cc9a7f370db1c79
POST /s/gts1d4/T24lFG9LNcQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash26e60c83d7af169687cbd74f7ca924e0 00f7ceb935fe1cc423f95718a04076e4f5eca150 a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| images.yampi.me/assets/stores/caixa-misteriosa9/uploads/testimonies/62e96354775ca.jpeg | 172.67.72.14 | 200 OK | 8.2 kB |
URL HTTP/2images.yampi.me/assets/stores/caixa-misteriosa9/uploads/testimonies/62e96354775ca.jpeg IP172.67.72.14:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data Hash9074436dac9f6d61bccb042c185adff3 b9d1247ca03baccc0203747de619c3579ac299fe b0a54814b8b0f5abf1f1c43941cfdc945fb105f0ad91962af3df15b2a98d1b24
GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e96354775ca.jpeg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: image/jpeg
content-length: 8208
cf-bgj: imgq:100,h2pri
cf-polished: origSize=8822, status=webp_bigger
etag: "64d0d3cf4cf12b175c2bfde2b119fd73"
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-id-2: kpYdRAWThlOvzdGFOaofox1Xw/BYGm7zIz2kOBJzG9yrcmu2SnTuXQkfDl0tMd+Cduek85ciemc=
x-amz-request-id: 8S484Z5WGKS5CG4Y
x-amz-version-id: xeytj2tGe9ZE1VBrjh._yFfBsbQCZQQP
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYESeTyvUZMp4Sa1aNvltA4AsA2sDb6DcBiyuXQZVXm7vJJ%2B6zQAqSKJ8Bw1ydo4y9tUmnmfy9A9TcPJBVa8cydEjLOPp10gMZu2zSk%2FtRRrLeQeu5Fp5vs4MkJ7prx4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d09b72b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| seguro.caixamisteriosa.net/checkout/address | 170.82.174.30 | 200 OK | 121 kB |
URL HTTP/2seguro.caixamisteriosa.net/checkout/address IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Size121 kB (121193 bytes) Hash140c1e304169da35960a168f6f9d3f79 5cb00cee379a36a8cd9a8282d31e83d4161b4be4 790e3f4e2bc6f54ef3b81380daa108e51b0f0b2bdfaa7708644abcd8794572c6
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /checkout/address HTTP/1.1
Host: seguro.caixamisteriosa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im54R05JN09zZ0toMStkRHUyanNLTWc9PSIsInZhbHVlIjoicFpzWm1QdEhtT1pNKzY4OG0wODdSWUlWVTZkcHIwNHBcL0dLNkpKVGFcL003bFM1UE5BYUV3ZktkUDJtSTVnZ2tIWlQ1Z3VtczNSd1gxQ1lDZmxIZjVXdz09IiwibWFjIjoiMWYzNWU5NWFhZWJiYjczNTJmZmVmNjhjNmU2NGFiZDMxMjRjMjk1ZDVjODBjZWZhNWQ1YTQyYWNhZjc4NTBjYiJ9; bubbstore_checkout=eyJpdiI6Ik1XRVc0TWhUMlRGaTJPU1o1RWppWmc9PSIsInZhbHVlIjoiRzh6SmhlSW9NaU84bU1TRlJDZjV3Vm9uZXMxajZjTmZyK2VqR1ZGUmk3RWJDeGZIdFJPRDVHMlwvdUhQbWtzYnJueXV4cmNldkNRcFFHZ0tLQlwvcUxzQT09IiwibWFjIjoiNTUxY2I3ZmFiMWY5Yjk4ZmMzYzljODhkZWUwZGViMTVhY2IyY2VkOWRlNDQ3NTRkNDY1YmYzZTAzZmViZGYxZiJ9; caixa-misteriosa9_cart=eyJpdiI6Ikk3YlowZ0huN3hrWGozNnRxOGFQeWc9PSIsInZhbHVlIjoib2p1K2hYNmN1SVI5U1dqQ1d4dzViTll2RnJoQW43VlVkVG9VMGMwR2g5VnJKeXJaaVBFXC9KNjdZcHpjNGNnTkZNYUZoc1JLN2JhYnM2ZTVtdWxcL1pSZz09IiwibWFjIjoiMjIxM2M1OGY1ZjA0ZThmOGViNTc2YmJkMmFhMmVmZjA3MTYwYzUyNDdjYzBlMzI4ZDBhZGMxNmNjOGM5YjAwMyJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:33 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im5iWXF0Qkh3V3M5RlRZMlRyTGYyWUE9PSIsInZhbHVlIjoiYTVvZXVLMFo4RmxKMW9LcXVmRngzekRwamp5dU5FM2tiMk91dzF6NGhYT0pkWnFzRVFCdmpcL1Q4UlVYenNnNTZpYVdyM1BPVjE2Q0JhWHdRcWRmNnhnPT0iLCJtYWMiOiJjYTM3MGI4NzZhODMxMmRmNWQyZWIzNTJjNjIxOTgyNDA4NDIwYzk4YTEzYjFlYjAwNjU4NzQ3MTU2YmFjNjBkIn0%3D; expires=Thu, 27-Oct-2022 07:20:33 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImVzVUVIWTkwR093SzJGQkJTeUNKSUE9PSIsInZhbHVlIjoibHF3VVMrTVh6OVF4Q3FyVXpPVFNyajlhODdiXC94Vmt5azhZZWZxdzhDRmd0WVBJS2hVNVE0aUJ1MitzXC9GS3BvNUVWVzRPTk9rTVJUWHI3T290b2w1Zz09IiwibWFjIjoiZjhkZWIzM2FlZTcxNmYyZTdmZGMyMWMyZjhmNjJlMzY2YTk0MjZkY2MyN2FiNjAxZDc5MmY5MzJkNjc5YjFlNiJ9; expires=Thu, 27-Oct-2022 07:20:33 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| images.yampi.me/assets/stores/caixa-misteriosa9/uploads/testimonies/62e9636950b51.jpeg | 172.67.72.14 | 200 OK | 8.6 kB |
URL HTTP/2images.yampi.me/assets/stores/caixa-misteriosa9/uploads/testimonies/62e9636950b51.jpeg IP172.67.72.14:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data Hash53f8716e4000def629db36d31f645cb1 db8c371fc52e7ab263634119821620d9f03c814f 2efb36089e2b052421b3c15c6c159fae1924bc1a1c2209ccd82f4d0ccc13f1c2
GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e9636950b51.jpeg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: image/jpeg
content-length: 8648
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9336, status=webp_bigger
etag: "8220257871413a2a14ab3d6b964f6abf"
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-id-2: 9BEGGAOO+B86AzP/jdJYfYW3gW6HDOBQhoYuK3o7sBLovtVBxar+XO8k9yBr/iNISNKlU7dtku4=
x-amz-request-id: 8S43FZKMHQDJCJD6
x-amz-version-id: HfrtBnZFXQLQQPWMe2SSfAQyOFUNAZMA
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=043pUZqpVLccjdcKdLOQP3RcxIDKF2oi2y%2BZFEfI7Mt6zf12MgTIMjaMTjZBb1RL1u4bYl8uwXv8D2cOFvf4aIwy1v8PmNrtNmyul4gcEYu7%2BP5PvIbfLHRfFJVL1iudXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d0ab7bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| images.yampi.me/assets/stores/caixa-misteriosa9/uploads/testimonies/62e9635ebe532.jpeg | 172.67.72.14 | 200 OK | 9.5 kB |
URL HTTP/2images.yampi.me/assets/stores/caixa-misteriosa9/uploads/testimonies/62e9635ebe532.jpeg IP172.67.72.14:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data Hash958180500c499802b8c9d1c832f7945c d1884b093666b9e6813b79471311a75c2304005a 1466c5bac4447ac52bc4780d617c80e4872b53df4a63c86a42ac0e1e93cc572e
GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e9635ebe532.jpeg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: image/jpeg
content-length: 9510
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10320, status=webp_bigger
etag: "04572c76d141851db42a1a6e13d38b71"
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-id-2: LanhgAiXZOYYA+2ScYOx90pAloWf9cBFvH3t7MdFQwlm9Oyymw7fzKSW/SbKHsb/e/hT2CoP0f8=
x-amz-request-id: 26D99WV6TCK0TQR3
x-amz-version-id: AatCE1mkRL6z1GEYqQay5AQrkz_0GlQk
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPio1NGdJrtFz%2BKLFSClPoEQcyGPbgXq1JG6Ock4T%2BAU0xdD1g1ZSEKb%2FKiGN5v6MlHQSuWE7kjPvaql%2B8duWxFKt%2BqgiVsxDfUt8ZYxPqMmahMcsHlg3VkNhHkSZk9ooA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d09b73b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.118:0
Hash312d0208861161793d9225bc818f4d56 7832c19b22a5151039641b76d48351052bd6364a 93d8af3728dae70deadbec88f563faaf8168a539cf5816e37cbf6f3c700a8a6b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90623
Date: Thu, 27 Oct 2022 04:20:34 GMT
Etag: "6358bc32-1d7"
Expires: Fri, 28 Oct 2022 05:30:57 GMT
Last-Modified: Wed, 26 Oct 2022 04:48:50 GMT
Server: ECS (dcb/7F5E)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5GXrNmvidmFgZEjiBLEeXaj27ZSoZTs7Hg0b91swxeQP2YECsUzHzw==
Age: 2527
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd14190b7d44355f74384008fc2bc965b 8899240507992ceba98f567c079650149cc583a4 2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 | 216.58.207.195 | 200 OK | 34 kB |
URL HTTP/2fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data Hash848cd2ecd011428969dc6b90431bc482 6b1a7b562a56bd54510e0f6f95e26babca331a1b 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:08:19 GMT
expires: Tue, 24 Oct 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 198735
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashd14190b7d44355f74384008fc2bc965b 8899240507992ceba98f567c079650149cc583a4 2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0 |  104.18.1.53 | 200 OK | 77 kB |
URL HTTP/2fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0 IP104.18.1.53:0
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:35 GMT
content-type: binary/octet-stream
content-length: 77160
x-amz-id-2: xIw7xyrWh7tMbAn3EEHH4MwVIvngCdMJZzqEwyRpxw93epYCebm75FVAa7Fs9PX4Xh3seDuVm+Y=
x-amz-request-id: 0QAV3XV18SQBTZWG
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: REVALIDATED
expires: Fri, 04 Nov 2022 04:20:35 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 7608a3d479fb0b69-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9ab0372fbd4e9d389119ccc12be968eb 0e48ffd21d7abf1cf59a471feba8da1f26b934fc 090ac22163a5cc5471bd4220bc6ebe686b115c15378c5eb9066f0767066af57d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6513
Cache-Control: max-age=90314
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:35 GMT
Etag: "6358ab6c-1d7"
Expires: Fri, 28 Oct 2022 05:25:49 GMT
Last-Modified: Wed, 26 Oct 2022 03:37:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| seguro.caixamisteriosa.net/cart/recomm | 170.82.174.30 | 200 OK | 809 B |
URL HTTP/2seguro.caixamisteriosa.net/cart/recomm IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash2e23390bb1456e10e7acb2cabf45e314 880e4ce0b777e465ad12e939a5bfff8347275d09 f570be2652c6e82761436201c049034fc732261e7cd845afbd75c2e0faf09646
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /cart/recomm HTTP/1.1
Host: seguro.caixamisteriosa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjM3NDUwZDUyZmNiOGJkNTciLCJ0ciI6ImFmN2M0ZDMzOWIyNjA3YjllOTViMzhiMTZlZWU5MDkzIiwidGkiOjE2NjY4NDQ0MzQyNjh9fQ==
traceparent: 00-af7c4d339b2607b9e95b38b16eee9093-37450d52fcb8bd57-01
tracestate: 2935249@nr=0-1-2935249-1134170823-37450d52fcb8bd57----1666844434268
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6Im5iWXF0Qkh3V3M5RlRZMlRyTGYyWUE9PSIsInZhbHVlIjoiYTVvZXVLMFo4RmxKMW9LcXVmRngzekRwamp5dU5FM2tiMk91dzF6NGhYT0pkWnFzRVFCdmpcL1Q4UlVYenNnNTZpYVdyM1BPVjE2Q0JhWHdRcWRmNnhnPT0iLCJtYWMiOiJjYTM3MGI4NzZhODMxMmRmNWQyZWIzNTJjNjIxOTgyNDA4NDIwYzk4YTEzYjFlYjAwNjU4NzQ3MTU2YmFjNjBkIn0%3D; bubbstore_checkout=eyJpdiI6ImVzVUVIWTkwR093SzJGQkJTeUNKSUE9PSIsInZhbHVlIjoibHF3VVMrTVh6OVF4Q3FyVXpPVFNyajlhODdiXC94Vmt5azhZZWZxdzhDRmd0WVBJS2hVNVE0aUJ1MitzXC9GS3BvNUVWVzRPTk9rTVJUWHI3T290b2w1Zz09IiwibWFjIjoiZjhkZWIzM2FlZTcxNmYyZTdmZGMyMWMyZjhmNjJlMzY2YTk0MjZkY2MyN2FiNjAxZDc5MmY5MzJkNjc5YjFlNiJ9; caixa-misteriosa9_cart=eyJpdiI6Ikk3YlowZ0huN3hrWGozNnRxOGFQeWc9PSIsInZhbHVlIjoib2p1K2hYNmN1SVI5U1dqQ1d4dzViTll2RnJoQW43VlVkVG9VMGMwR2g5VnJKeXJaaVBFXC9KNjdZcHpjNGNnTkZNYUZoc1JLN2JhYnM2ZTVtdWxcL1pSZz09IiwibWFjIjoiMjIxM2M1OGY1ZjA0ZThmOGViNTc2YmJkMmFhMmVmZjA3MTYwYzUyNDdjYzBlMzI4ZDBhZGMxNmNjOGM5YjAwMyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlFGaXRLaEpSVWVxdHZFeVVNYTR6ZlE9PSIsInZhbHVlIjoiSjVnTWZab21PRWkxanMxXC9UT2lHUXRGRXhpZ0NCcE1cLzM5Q3R5NDBoN0lMaVVDRGpCSnRsTFJ5WVNDcUliQlQ2dUNUbjJYYmZjUVpaSm9USFQ5bkNwdz09IiwibWFjIjoiNzc4YmFiMmRlMzgyYWQ5MTk0MzU0NTE5OWY1MTk3ZmU3ZTBiYmMwMDI5NWIwNWZjMzM1MzM4MmE0YmIwYmE1YyJ9; expires=Thu, 27-Oct-2022 07:20:34 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlJFWkJobHFqNDgrRmJIM2pDVGNpZ1E9PSIsInZhbHVlIjoiK0lUa2tNT1wvT1pGV3VaSlZTXC83YWZhSWpSYklGdEtOR1p0amVUK0V0SEpON2hpN3BIUW5KQ2ZuVjZIbVF0ZFIyUEpFd3hIZ0VERFBQdjVhUCtUQ0FUZz09IiwibWFjIjoiZTY4ZTA3MjIwZTc1MjMwZjcwYWQ0MjJjNDAxNjExOWUzYzA3ZGYxMmI4OThhNjljOGRkYWRlMDFhYmQ0MGIwZCJ9; expires=Thu, 27-Oct-2022 07:20:34 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAYKC1wVTABNEVZUAAIEVVEAUgIAUAYHCAJESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js |  31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash84409c129527969831699eb02cd244b9 e1bd7e37698890246e939b31510f3ab3aac605c6 54a130a13a831b71441be9bfbd1b74d8a7433a8e4bb4ab3f5ed9edde6bcd3964
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: rZaeHxOXwkkXiGqhtwO4uylLO51L7hvSlb7gnURfAd2stus1lynaFSMrTakGh7VHDVrVIvmvKNLbwDcCXZZnqQ==
priority: u=3,i
content-length: 27076
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 04:20:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js | 142.250.74.163 | 200 OK | 160 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (608) Size160 kB (159789 bytes) Hash1230a090d5cedcb9e764406ab9497c1b 3d175bcf4ad9957c3e32611713c01347299b173e 585cafe3d6a3b932804aaa5aeb19a650688a2c15767f513d0d60c1941475c428
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 21:08:18 GMT
expires: Tue, 24 Oct 2023 21:08:18 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 198737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 27 Oct 2022 02:41:09 GMT
expires: Thu, 27 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 5966
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9ab0372fbd4e9d389119ccc12be968eb 0e48ffd21d7abf1cf59a471feba8da1f26b934fc 090ac22163a5cc5471bd4220bc6ebe686b115c15378c5eb9066f0767066af57d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4582
Cache-Control: max-age=88383
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:35 GMT
Etag: "6358ab6c-1d7"
Expires: Fri, 28 Oct 2022 04:53:38 GMT
Last-Modified: Wed, 26 Oct 2022 03:37:16 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash4cdf16c5333628708fae7b304303fc48 23654b66838aa89e8b975a9e6c0251d2f8f18366 6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash7d4b826b3cd4f4fffd35abd60c407bdb 28e5a20b197bf6972fd097c3b302c1dd89b68f09 681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=1769479295.1666844435&jid=1632127325&gjid=1518100162&_gid=591946824.1666844435&_u=IEDAAAASAAAAAC~&z=652834389 | 173.194.222.154 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=1769479295.1666844435&jid=1632127325&gjid=1518100162&_gid=591946824.1666844435&_u=IEDAAAASAAAAAC~&z=652834389 IP173.194.222.154:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=1769479295.1666844435&jid=1632127325&gjid=1518100162&_gid=591946824.1666844435&_u=IEDAAAASAAAAAC~&z=652834389 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.caixamisteriosa.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 27 Oct 2022 04:20:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash7d4b826b3cd4f4fffd35abd60c407bdb 28e5a20b197bf6972fd097c3b302c1dd89b68f09 681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 04:20:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/62e95d312bc5a/62e95d312bc60.png | 52.95.164.124 | 200 OK | 191 kB |
URL HTTP/1.1s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/62e95d312bc5a/62e95d312bc60.png IP52.95.164.124:0
File typePNG image data, 1628 x 1083, 8-bit/color RGBA, non-interlaced\012- data Size191 kB (190952 bytes) Hash42653495a27a747f3deff05ead6ab0f1 7f774f610fb12f312daeb5d49c5cc88af7dd1dc1 3ce6c07440b880752a44c423832b8a6691d7b22898871e08b38f0abe62b92fc4
GET /king-assets.yampi.me/dooki/62e95d312bc5a/62e95d312bc60.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: YpMaBgkXepVkTpbfsmS1lRzyMGyEWNAWr5CcRomD94jnfJs8QVx5rzRsaKBrzia1rU4KAmuHk9k=
x-amz-request-id: 4QF4AP7GB65SV9V7
Date: Thu, 27 Oct 2022 04:20:35 GMT
Last-Modified: Tue, 02 Aug 2022 17:21:54 GMT
ETag: "42653495a27a747f3deff05ead6ab0f1"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 190952
|
|
| seguro.caixamisteriosa.net/e/t | 170.82.174.30 | 200 OK | 0 B |
URL HTTP/2seguro.caixamisteriosa.net/e/t IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
POST /e/t HTTP/1.1
Host: seguro.caixamisteriosa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImEwZDM4ODlhNmU5NDMxZWUiLCJ0ciI6IjUxNDBjZjY3MjYwYmYxZDE1MjMyYmRhMTdiODFhMTNiIiwidGkiOjE2NjY4NDQ0MzQyODF9fQ==
traceparent: 00-5140cf67260bf1d15232bda17b81a13b-a0d3889a6e9431ee-01
tracestate: 2935249@nr=0-1-2935249-1134170823-a0d3889a6e9431ee----1666844434281
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 368
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6Im5iWXF0Qkh3V3M5RlRZMlRyTGYyWUE9PSIsInZhbHVlIjoiYTVvZXVLMFo4RmxKMW9LcXVmRngzekRwamp5dU5FM2tiMk91dzF6NGhYT0pkWnFzRVFCdmpcL1Q4UlVYenNnNTZpYVdyM1BPVjE2Q0JhWHdRcWRmNnhnPT0iLCJtYWMiOiJjYTM3MGI4NzZhODMxMmRmNWQyZWIzNTJjNjIxOTgyNDA4NDIwYzk4YTEzYjFlYjAwNjU4NzQ3MTU2YmFjNjBkIn0%3D; bubbstore_checkout=eyJpdiI6ImVzVUVIWTkwR093SzJGQkJTeUNKSUE9PSIsInZhbHVlIjoibHF3VVMrTVh6OVF4Q3FyVXpPVFNyajlhODdiXC94Vmt5azhZZWZxdzhDRmd0WVBJS2hVNVE0aUJ1MitzXC9GS3BvNUVWVzRPTk9rTVJUWHI3T290b2w1Zz09IiwibWFjIjoiZjhkZWIzM2FlZTcxNmYyZTdmZGMyMWMyZjhmNjJlMzY2YTk0MjZkY2MyN2FiNjAxZDc5MmY5MzJkNjc5YjFlNiJ9; caixa-misteriosa9_cart=eyJpdiI6Ikk3YlowZ0huN3hrWGozNnRxOGFQeWc9PSIsInZhbHVlIjoib2p1K2hYNmN1SVI5U1dqQ1d4dzViTll2RnJoQW43VlVkVG9VMGMwR2g5VnJKeXJaaVBFXC9KNjdZcHpjNGNnTkZNYUZoc1JLN2JhYnM2ZTVtdWxcL1pSZz09IiwibWFjIjoiMjIxM2M1OGY1ZjA0ZThmOGViNTc2YmJkMmFhMmVmZjA3MTYwYzUyNDdjYzBlMzI4ZDBhZGMxNmNjOGM5YjAwMyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:35 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im8xa1lDUnF2YytXeUh4dFE1bituTHc9PSIsInZhbHVlIjoieGpobEVSb3hBNE9LQUZcL2ZqQkppcFd3QmthQVFaQXN1bVBoR2JUbzlJb2lBaHRZUXZuQmZFdVRmc2NwVlU1WmNZeUV0bTdUQlR3UFNOaWxsdjJBN1NBPT0iLCJtYWMiOiJhMjhlNjI5ZjA4MTQyMzg2YWQyYTM3Nzk0MThhYTIzNDFmZTEzMzY2MzZhOTQ3NWNlM2UxNzk5MmRkYzU4MTU0In0%3D; expires=Thu, 27-Oct-2022 07:20:35 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InZLK3pJNFRvNnF6TlhsNE9VTkx5dVE9PSIsInZhbHVlIjoidUJ6dzNUNmd3Q3hkXC9JdnNuU3hUT3M4ZGREZ1lCV1E1cUI4U1M4XC82UHAyeGl2SWI0Z1UxejNjR2V1eU5IN2xmVUI0QjFjNkZYOTNQUFdheEpHR040QT09IiwibWFjIjoiNTAzZjEzOWM5MmNhOGY5ZGMwZWQ0MTVmNjNjYWE5YmM2NDE2NmNjZGY3ZDFkYWIwOGZkNWNjYmM5MDQzOGNlMSJ9; expires=Thu, 27-Oct-2022 07:20:35 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApSDQAMHh5UFUMDVgMHVlJVUFIGDVEHBVUHFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap IP142.250.74.10:0
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 04:20:34 GMT
date: Thu, 27 Oct 2022 04:20:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn.yampi.me/jquery/jquery.js | 172.67.72.14 | 200 OK | 0 B |
URL HTTP/2cdn.yampi.me/jquery/jquery.js IP172.67.72.14:0
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: application/javascript
x-amz-id-2: QsmtL8/nVojRDvW+BmEU501Lw4WV+5t5F8LfBudh5F+R0IvsUm6Z0OFwq4bu2oMNhxhgi4mZaYc=
x-amz-request-id: VXXM8XE9A56HSH68
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2599
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwlC54VCidO%2BpXOSLuKTBClQwGMxOEAqpXGmH9bANLkH4PL3EPRAkx%2Fck9eJIj8sD0qy2T78lpatFlNeVRjbo0RMYS6MJujWpCPd6DGoh6K%2Fcn%2BIudtx7mNZAL%2BfGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d0aa91b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=d8423ccfea4fbb2f406cea92b04a8737 | 172.67.72.14 | 200 OK | 0 B |
URL HTTP/2awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=d8423ccfea4fbb2f406cea92b04a8737 IP172.67.72.14:0
GET /checkout/build/mix/assets/js/app.js?id=d8423ccfea4fbb2f406cea92b04a8737 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: application/javascript
x-amz-id-2: t+pRi2mpVP/HsO6DPUQ+MwgdDbnyFwdhufrM6mVKoFcR90+4pnZEZq1LTqPIV+vqrgSsO53OeDg=
x-amz-request-id: 8PNW7DEJ2HZN8VAP
last-modified: Mon, 17 Oct 2022 16:57:49 GMT
x-amz-version-id: XNhG7PkF_3JzSvKaF.22AtqXuyl0wmHr
etag: W/"29013ef444dc3b59ed77c986db2a8f06"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6GQWR0wv0owJ25IYccc7l2LxsABleM9rTjNn4niLOrSEzcs8rzun%2F0amLCgWDV%2FwwWT1f3H7kug8%2FAEemAOAGt6Xgoye6ntCqPsk9tnYP7wSMDdWi8N2LWgbDF%2BruV%2BMcX8OQ0CkrKS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d0aa98b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=d31e71e22fa577d1f19d2488ebd24690 | 172.67.72.14 | 200 OK | 0 B |
URL HTTP/2awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=d31e71e22fa577d1f19d2488ebd24690 IP172.67.72.14:0
GET /checkout/build/mix/assets/css/app.css?id=d31e71e22fa577d1f19d2488ebd24690 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: text/css
x-amz-id-2: TFeFBTQKDxErsapH4IB7ougpeXwNtLz4KXLfWfoIopR0plLYMlCs3pIr+cvNYFac1pvCyb/CvhY=
x-amz-request-id: ZR1HAN8RMGGE4KE2
last-modified: Tue, 11 Oct 2022 12:54:40 GMT
x-amz-version-id: hAW8LRqvA2JD0cqLKO7P1m_k08cGos6U
etag: W/"d31e71e22fa577d1f19d2488ebd24690"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV%2FUH6Ao4LOM7YH%2BBW83GQnueOj5fjjAPWbNtrhVmASY3zuBbdVYpY88%2BmlVxe7brlzb84nf9cD6DC84cGdLb7LvENZBW9ZZSHQqtEMZiC7Su6%2F10DSeTjor8pJwnlaXWF4cvxAQUZex"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d09a88b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yampi.io/ana/ana.min.js?t=1666915200000 | 104.18.14.227 | 200 OK | 0 B |
URL HTTP/2cdn.yampi.io/ana/ana.min.js?t=1666915200000 IP104.18.14.227:0
GET /ana/ana.min.js?t=1666915200000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: application/javascript
x-amz-id-2: u/ASm59PI36EjSBtNTv6M/A8JV8RfqJjf+AS10Ph2fUNgEUHH5RbN1YgPTTJaNzFWsKCxTiYRDM=
x-amz-request-id: 0DJCYGC2P4XWG7XY
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 4274
expires: Fri, 27 Oct 2023 04:20:34 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d52cd21c0e-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| seguro.caixamisteriosa.net/checkout/payment?cart_token=902f412c-5598-11ed-b50e-02f91afe0016-6359e1ee128fd&utm_source=google&utm_campaign=SMS+Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=e485c680-5598-11ed-9afb-95069bf59b6a | 170.82.174.30 | 302 Found | 0 B |
URL HTTP/2seguro.caixamisteriosa.net/checkout/payment?cart_token=902f412c-5598-11ed-b50e-02f91afe0016-6359e1ee128fd&utm_source=google&utm_campaign=SMS+Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=e485c680-5598-11ed-9afb-95069bf59b6a IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
GET /checkout/payment?cart_token=902f412c-5598-11ed-b50e-02f91afe0016-6359e1ee128fd&utm_source=google&utm_campaign=SMS+Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=e485c680-5598-11ed-9afb-95069bf59b6a HTTP/1.1
Host: seguro.caixamisteriosa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 27 Oct 2022 04:20:32 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.caixamisteriosa.net/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im54R05JN09zZ0toMStkRHUyanNLTWc9PSIsInZhbHVlIjoicFpzWm1QdEhtT1pNKzY4OG0wODdSWUlWVTZkcHIwNHBcL0dLNkpKVGFcL003bFM1UE5BYUV3ZktkUDJtSTVnZ2tIWlQ1Z3VtczNSd1gxQ1lDZmxIZjVXdz09IiwibWFjIjoiMWYzNWU5NWFhZWJiYjczNTJmZmVmNjhjNmU2NGFiZDMxMjRjMjk1ZDVjODBjZWZhNWQ1YTQyYWNhZjc4NTBjYiJ9; expires=Thu, 27-Oct-2022 07:20:32 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ik1XRVc0TWhUMlRGaTJPU1o1RWppWmc9PSIsInZhbHVlIjoiRzh6SmhlSW9NaU84bU1TRlJDZjV3Vm9uZXMxajZjTmZyK2VqR1ZGUmk3RWJDeGZIdFJPRDVHMlwvdUhQbWtzYnJueXV4cmNldkNRcFFHZ0tLQlwvcUxzQT09IiwibWFjIjoiNTUxY2I3ZmFiMWY5Yjk4ZmMzYzljODhkZWUwZGViMTVhY2IyY2VkOWRlNDQ3NTRkNDY1YmYzZTAzZmViZGYxZiJ9; expires=Thu, 27-Oct-2022 07:20:32 GMT; Max-Age=10800; path=/; httponly
caixa-misteriosa9_cart=eyJpdiI6Ikk3YlowZ0huN3hrWGozNnRxOGFQeWc9PSIsInZhbHVlIjoib2p1K2hYNmN1SVI5U1dqQ1d4dzViTll2RnJoQW43VlVkVG9VMGMwR2g5VnJKeXJaaVBFXC9KNjdZcHpjNGNnTkZNYUZoc1JLN2JhYnM2ZTVtdWxcL1pSZz09IiwibWFjIjoiMjIxM2M1OGY1ZjA0ZThmOGViNTc2YmJkMmFhMmVmZjA3MTYwYzUyNDdjYzBlMzI4ZDBhZGMxNmNjOGM5YjAwMyJ9; expires=Tue, 01-Nov-2022 04:20:32 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
|
|
| fonts.dooki.com.br/fa/4.7.0/fa.css | 104.18.1.53 | 200 OK | 0 B |
URL HTTP/2fonts.dooki.com.br/fa/4.7.0/fa.css IP104.18.1.53:0
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 04:20:34 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: REVALIDATED
expires: Fri, 04 Nov 2022 04:20:34 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 7608a3d09a5f0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|