r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16338
Expires: Tue, 21 Mar 2023 02:49:36 GMT
Date: Mon, 20 Mar 2023 22:17:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8551
Expires: Tue, 21 Mar 2023 00:39:49 GMT
Date: Mon, 20 Mar 2023 22:17:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6715
Expires: Tue, 21 Mar 2023 00:09:13 GMT
Date: Mon, 20 Mar 2023 22:17:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Mar 2023 22:14:55 GMT
content-type: application/json
age: 143
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s2/NMK4StZgH3zohQ4J/XaOkC3ugFy+6NTG6GLJT24InB9PV/H6NFWhv8H7Hh/ms1BuC4bD41kSeRn5bNurvUA==
x-amz-request-id: APR2Z7ZD1Q7AQWGS
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Mar 2023 21:58:51 GMT
age: 1107
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
82.180.135.215 301 Moved Permanently 707 B URL HTTP/1.1 crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
IP 82.180.135.215:0
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 20 Mar 2023 22:17:11 GMT
server: LiteSpeed
location: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
platform: hostinger
content-security-policy: upgrade-insecure-requests
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 22:17:18 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 21:17:21 GMT
age: 3598
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13788
Expires: Tue, 21 Mar 2023 02:07:07 GMT
Date: Mon, 20 Mar 2023 22:17:19 GMT
Connection: keep-alive
push.services.mozilla.com/
35.82.107.208 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.107.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E0zGlCKAS6lduSy/Lr1rVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jX+H07DeHWIxXzG2BiZCi673Y6o=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5384
Expires: Mon, 20 Mar 2023 23:47:04 GMT
Date: Mon, 20 Mar 2023 22:17:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 97a37cecfd90072794d657e2074620cb
34c456db4f8b0bd7e3affe31a7cf02e4596a8188
889d4f26715418088c8747251ee068dfdb5c8d5024b1d43862012cb31acf9650
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13522
x-amzn-requestid: d39593de-64b8-44f6-9160-7aa61c26ed88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI8E-YoAMFm4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-7ad0b7e7747de71b5f751226;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: h2u_sdWiqNN_tsFGKEGI1VvDWOVL9DwWbbi-MCemYMikc34WHt3qAg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9825a45e2b387a61504c0c3df20048ee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:17 GMT
age: 1923
etag: "34c456db4f8b0bd7e3affe31a7cf02e4596a8188"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80b8965f-0f1d-477d-b284-4d1e59649cf0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80b8965f-0f1d-477d-b284-4d1e59649cf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 549399285b0e626c036b5a3f7923acb7
47fc867d2850248a0cf58ffe6344bc723c567a92
ebee0635c9e51d080a113627a278b1af7f6e440754a1a43a201dc5e3e2392d5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80b8965f-0f1d-477d-b284-4d1e59649cf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12272
x-amzn-requestid: 92cdffc1-5ab5-4579-99ae-8f8d7fe7453d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFFxfIAMF7UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-3e0b9ead0718e199373ff06a;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 408SujdURTeUV20k71o-5tJ-ZwsNmGfqLdZtj7GTnoaPAv3MCcVN5g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:01:02 GMT
age: 978
etag: "47fc867d2850248a0cf58ffe6344bc723c567a92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 07b787370d844cd515ddd9fa2f18dd2f
05af207b7d57654a46bcbaa335b05b05cdc03d48
37064c2c7234ff6172959969ba6d56decc8e8900c9a8f7ef177db7198144a7ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: dabbce3d-fb36-404d-8b37-3bafed979062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFFfBIAMFdMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-5cdf621e6196e46f7a1e849c;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: YfNJIF6SPWXOGEwKrIhi1h1bVS_RrqAvQQSV6OLbA3EJ8hkwWpoRMg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:00 GMT
age: 1520
etag: "05af207b7d57654a46bcbaa335b05b05cdc03d48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 0e2bcb0494bb5b0434a6b8c5276de8ff
33642ec68ca683dae156e15ee7449f8fecbfcd80
6921a091b2b19492a76cf3723b72c6966cb85751cabebbe2056a167994425414
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8599
x-amzn-requestid: f213c7c9-3dd9-4d20-8c46-742c3650dcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGXKZFD6oAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d242-592c030e6760816b2d4f01f9;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: BOHK8DbdtREptv5xcR1VW-Hz0vV6tKyocLZHftBr6doO64Jkd7mUig==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:00 GMT
age: 1520
etag: "33642ec68ca683dae156e15ee7449f8fecbfcd80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 25023a307b323b4565ee2560c9f16ed1
e8becaaf74fcda8fe5187f589b3cf2f3fa870d93
9f976686d5a33122af889ede6456ed86c0dac867448cc3d81aaac45dfe5e946d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9062
x-amzn-requestid: d24fccfa-439a-4bcf-a984-456cb90b0bb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ByllJFJlIAMFZ1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6410e953-05321b2649fdc7a838e1b49a;Sampled=0
x-amzn-remapped-date: Tue, 14 Mar 2023 21:38:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: veRZaSgr0vSCPERll8DuDLjQVFx-dM9BIRLKAiVuiZbySy5UYyVfxA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 03:35:05 GMT
age: 67335
etag: "e8becaaf74fcda8fe5187f589b3cf2f3fa870d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7839c7-2b7e-47fa-a8d7-b001f2527406.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7839c7-2b7e-47fa-a8d7-b001f2527406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e7f3f5682ef230a0e5ead556ccbb9c8d
93bcb7e0d7f2e7648f2749060e0a58bca3a033b9
e63beb09275f78a899e992ce814b4a079aaf38a4932a32b9f9431552702224b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7839c7-2b7e-47fa-a8d7-b001f2527406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11397
x-amzn-requestid: 9c96a37a-b2e6-46f1-94dd-1a299da61a02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWw1HwVIAMF0Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d19e-0638254835be22cc17465cc2;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:35:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: g2YNKMDYmcQl3rpt8G2tHJFrBf25_aNKA4v4WKBgpCQeEWEnwgbkYg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:17 GMT
etag: "93bcb7e0d7f2e7648f2749060e0a58bca3a033b9"
content-type: image/jpeg
age: 1923
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
82.180.135.215 200 OK 3.8 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
IP 82.180.135.215:0
Hash c4fcd274dcbc80d5d41e71ff809e33da
e3471a26064fec6649baba92f5e8e6b2ce6b2064
eed5817d9fb02d5de6e56a874d79894ce2b025682fd93baa86ac955892dd3f4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "555a-5f4e9718-d8e5fdaa177b14aa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3773
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
82.180.135.215 200 OK 4.9 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
IP 82.180.135.215:0
File type ASCII text, with very long lines (30236), with no line terminators
Hash 48f589f8536e4c3190fa64b8256ec3a7
fd4b2dc9047bdca5b14916d428916f96cc41fc79
4e2b2ea09f6bb6c116885abd451e498d86c088d8e4c91dbbe9484369751c21f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:32 GMT
etag: "761c-620c02dc-c5e60699e40eb342;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4912
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/css/esf-custom-fonts.css?ver=5.8.6
82.180.135.215 200 OK 462 B URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/css/esf-custom-fonts.css?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (1861), with no line terminators
Hash 23751a070fab3986f162f802faf67648
b8c464c3fd116c3d20352b33ceea2bc2c480ba2d
0af7a95dd246037ee6efb4cf09cd378b043780c15efecb5664ccc35db35f67ca
GET /wp-content/plugins/easy-facebook-likebox/frontend/assets/css/esf-custom-fonts.css?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "745-620c02e7-43898c248ae78ae;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 462
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/esf-free-popup.css?ver=6.3.3
82.180.135.215 200 OK 1.7 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/esf-free-popup.css?ver=6.3.3
IP 82.180.135.215:0
Hash 8de78d334c2b16e8b60122b2e481532d
6274b0fbc67fa90b69ce083197c0200bbfbc2032
72e5ee15cd5b638575543d56d3827f5d00814d7d22f48e53a60497de4c1c343d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/esf-free-popup.css?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "20de-620c02e7-6e23dc3ac1b37e27;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1742
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/easy-facebook-likebox-frontend.css?ver=6.3.3
82.180.135.215 200 OK 32 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/easy-facebook-likebox-frontend.css?ver=6.3.3
IP 82.180.135.215:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d603dde2e156132339747cb776c4be65
d77f1bb6efc40f11a4c960b4d32b536e41ad315f
40cdad8f2f51b44ae8993fa900a76904965e12118361c49d780ccffd47ee435d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/css/easy-facebook-likebox-frontend.css?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "93539-620c02e7-e763854647435b3b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31811
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/themes/Avada/assets/css/style.min.css?ver=7.0.2
82.180.135.215 200 OK 18 kB URL HTTP/2 crissallesterapias.com.br/wp-content/themes/Avada/assets/css/style.min.css?ver=7.0.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 50ed074d489ee2eced5e9b1273027f90
b5df3dc99b940286a99c91cbb44e2cca66709022
98acfd3dcaa6168497731b1fa1a990bef720f00e334d041dc5fc72ae71db90ff
GET /wp-content/themes/Avada/assets/css/style.min.css?ver=7.0.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Wed, 12 Aug 2020 17:27:12 GMT
etag: "1a1aa-5f342670-f46a555d16ff0daa;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18384
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/css/esf-insta-frontend.css?ver=5.8.6
82.180.135.215 200 OK 32 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/css/esf-insta-frontend.css?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a34c5f3bc4d232f9c7a30dfd805c0ef2
77f979ee6f6ad7983ad7cae3ba3cab11650a2d8c
eed4ef64ef3978a65c0b29d7d0fa6b30d321ecb9a4e2533d54997dc7145d1c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/css/esf-insta-frontend.css?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "a7aff-620c02e7-8af0321f000c8a16;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32092
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/uploads/fusion-styles/a5a3a7f6c2fb0d560e9556df9d985918.min.css?ver=3.0.2
82.180.135.215 200 OK 111 kB URL HTTP/2 crissallesterapias.com.br/wp-content/uploads/fusion-styles/a5a3a7f6c2fb0d560e9556df9d985918.min.css?ver=3.0.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (48788)
Size 111 kB (110957 bytes)
Hash 12a8dcfd86ea0d0573a6998fbfaa2512
ee0b23fda8f8e4e97b16d6f435076c15321cacd2
eca4e785a38cb42e5c2bf368d5af5d759816552c20635d6a83ea9be2f20e83a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/fusion-styles/a5a3a7f6c2fb0d560e9556df9d985918.min.css?ver=3.0.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 15:01:29 GMT
etag: "104720-618e81c9-aceced78b6c45b0b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 110957
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/uploads/2020/09/Logo-3.png
82.180.135.215 200 OK 54 kB URL HTTP/2 crissallesterapias.com.br/wp-content/uploads/2020/09/Logo-3.png
IP 82.180.135.215:0
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4127b7b2cd38098901f539a1801043df
4d69643476d58ba8765c0071fcb72c1cc66e0dd3
b13afdd1de3453270e3adc1e437b7cf7a8f062f3c7a1dbffbfbaed46e0a71ace
GET /wp-content/uploads/2020/09/Logo-3.png HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: image/png
last-modified: Mon, 14 Sep 2020 18:50:10 GMT
etag: "d2e5-5f5fbb62-fdc75b5db259cf48;;;"
accept-ranges: bytes
content-length: 53989
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/esf-free-popup.min.js?ver=6.3.3
82.180.135.215 200 OK 7.3 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/esf-free-popup.min.js?ver=6.3.3
IP 82.180.135.215:0
File type ASCII text, with very long lines (21009), with no line terminators
Hash 168e82881b60e1f6509a5cda7a6a6bc6
b0cb30afea9ccc28236a9f27910d7c13cbc0be37
8343fdc2921a088ea1178bddae2f20622e5042e8097ac7b49728ce2e81995b2e
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/esf-free-popup.min.js?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "5211-620c02e7-b469a6585e68eee3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7292
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
82.180.135.215 200 OK 12 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9
IP 82.180.135.215:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash ae25056e9432cde17c0285f4d8c7cb92
7ead50c0a2ecf4456294a8a5a014be5adcaa10a2
55e6dbd7b65c9385b92713eeb57a69695d46b87db1a6978348dd9441796864cd
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 14:47:40 GMT
etag: "e152-618e7e8c-dc7bee837455ff5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11615
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
82.180.135.215 200 OK 5.8 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 82.180.135.215:0
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash dcbde1701851530dc07c731e8d94ba5b
7835aff97a0e828ec376c1ab67bd2ffd566dfecf
6a8702b337918153d65eaf65cf69c0e940596c9796dda75d7d3b2346ffa7ae38
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "4056-618e6f85-e34a43c2434a970b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5769
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
82.180.135.215 200 OK 4.5 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (15224)
Hash 9336a67615b8765497b6efb3b0ce86af
8e9f93d0e91889a28040f9f8f8d2acf71a0acdbb
4834743cf8467e0159799d7c291fe7ef0db3d96323b60fe1bccdaa7d932a7de3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "4705-618e6f85-fd66fab1a0a3696d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4499
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
82.180.135.215 200 OK 4.0 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (11126)
Hash 4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "2bd8-618e6f85-3c1be1e98ebdb36d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
82.180.135.215 200 OK 3.1 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
IP 82.180.135.215:0
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash e27c54db8379c779d5ef89497ab5c08d
fff3aacc11fae7e0efde0f102c78680b070851f7
f6249f32d365a41a05562dfb2e714bab8ea87ef3eee8c5dd0ea32e8eddfdd272
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "5513-5f4e9718-f8ff314137da8050;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3060
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/public.js?ver=6.3.3
82.180.135.215 200 OK 1.3 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/public.js?ver=6.3.3
IP 82.180.135.215:0
Hash 9f456cd75e2acd304fb0b31c26e3c65d
cc3034fdd8a690ce200c70d12dd71bb192d7bf9c
682ac1859f219ac4a6987d48f8b6b8f3fc85f4bbfc240cbfb3ab447085d41242
GET /wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/public.js?ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "1104-620c02e7-a7112abc057d5eef;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1267
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/js/imagesloaded.pkgd.min.js?ver=5.8.6
82.180.135.215 200 OK 1.7 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox/frontend/assets/js/imagesloaded.pkgd.min.js?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (5477)
Hash 026558691b2cd955e760117c2c4ac4c7
46d628c4ac4aafef0a1afe281c584cb706494f07
3eafbab43f4eb594b838ee220b33f6e04628d4e41b18ca22b85452ec38265a9a
GET /wp-content/plugins/easy-facebook-likebox/frontend/assets/js/imagesloaded.pkgd.min.js?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "15da-620c02e7-a0dbdda6296ad842;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1703
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/js/esf-insta-public.js?ver=1
82.180.135.215 200 OK 2.1 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/js/esf-insta-public.js?ver=1
IP 82.180.135.215:0
Hash 59dcdde3b4a6e334e595a55a77c50758
073f6fbaa8c785492c8054b020b3a16b06a04902
62fb10715c1bc8bdf90f2fad5f41b1f7eec9c9834e2d75bb13a43a4e6f3429cf
GET /wp-content/plugins/easy-facebook-likebox//instagram/frontend/assets/js/esf-insta-public.js?ver=1 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:43 GMT
etag: "2817-620c02e7-2ffb3aa09a3c9270;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2131
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
82.180.135.215 200 OK 2.3 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 82.180.135.215:0
File type ASCII text, with very long lines (6406), with no line terminators
Hash 7288c3b6110b68ddcfa671616c0f65a9
77b4120510330292b9260984949f62925a5fd96a
bc6dd499d1b5713241c49a47259a152fc27cf1e08556c6fb1106441f935ed63c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "1906-618e6f85-e46c551fd88d89a2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2297
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
82.180.135.215 200 OK 3.1 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
IP 82.180.135.215:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 572dfe0c0e724972d273f13ee3f30c4b
45c5e38616ee1fd31058436b8a06510bec824c34
086b69b7873782382e61c92cbcbdc96c8b712100865d5efebf9dde6071337cb0
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 15 Feb 2022 19:45:37 GMT
etag: "25f8-620c02e1-1dad7af0581539c9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3053
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/wp-embed.min.js?ver=5.8.6
82.180.135.215 200 OK 665 B URL HTTP/2 crissallesterapias.com.br/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (1391)
Hash 700e04ed36d1ee217654e5413b3053eb
6bcee89f9a8722e90842fcbfc99b1c791477a434
5090971ff1192cf479176187926b296a4f3eff2995e3b0d35c63ae8d2febc133
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "592-618e6f85-c5ccda8d7621f0f6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 665
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
82.180.135.215 200 OK 30 kB URL HTTP/2 crissallesterapias.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 82.180.135.215:0
File type ASCII text, with very long lines (65447)
Hash 63373db5c13254717674a1af4cd88aa2
21a1962ab8597d9066640a7157a41370341ff0cf
d883f77be0299ddb715175908b03076554287b13f87570369fb58adeade16891
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 13:43:33 GMT
etag: "15db1-618e6f85-4b8a3608fb1ad277;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30027
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
82.180.135.215 200 OK 40 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (65315)
Hash a714f070c15eafe206109557af7c88f8
15f560f197d97006382851eb027019c9fbcf1087
438b2aa9fa42187d959097eb3e9fa73b2dcc0531ef51394fd4b5c94eb7c5e413
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "1e065-5f4e9718-984556ecb1931264;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 40363
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9
82.180.135.215 200 OK 45 kB URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9
IP 82.180.135.215:0
File type ASCII text, with very long lines (42889)
Hash 80708d4f5f3f3e1d043a08388c52c93f
7467acc7a7bd01694487c683345558ba8b7b02ae
ebbdf2719ae1a964c2e0ebb518fcf7daf1afded21708a872fb7ea418f4f787da
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 14:47:41 GMT
etag: "1e4e6-618e7e8d-80d089a9bea111e0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45190
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/uploads/fusion-scripts/87abe166283d6c3b515928cb99837669.min.js?ver=3.0.2
82.180.135.215 200 OK 267 kB URL HTTP/2 crissallesterapias.com.br/wp-content/uploads/fusion-scripts/87abe166283d6c3b515928cb99837669.min.js?ver=3.0.2
IP 82.180.135.215:0
File type ASCII text, with very long lines (49199)
Size 267 kB (267216 bytes)
Hash 50db3eb2f86b3bcb5520e8ca21cf209a
3d6602c490a51f236bc512928829a4ede3171071
f9ed6be56ceff90806f8d3c3e7ccc2e115202e1259502943deff8124ba09eea6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/fusion-scripts/87abe166283d6c3b515928cb99837669.min.js?ver=3.0.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Sat, 13 Nov 2021 01:15:44 GMT
etag: "107993-618f11c0-fbfffaeae8bf2b08;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 267216
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-admin/admin-ajax.php?action=esf-insta-customizer-style&ver=5.8.6
82.180.135.215 200 OK 1.2 kB URL HTTP/2 crissallesterapias.com.br/wp-admin/admin-ajax.php?action=esf-insta-customizer-style&ver=5.8.6
IP 82.180.135.215:0
File type ASCII text, with very long lines (672)
Hash 0ff976df48cf785ae8d74b0222bc8e24
3e4b26143e281000c6a3a139ef1c2290c1db6ca3
735eb1595a64c2cb9dd9b7b6bdc7fbac7aba52c90cbe18a5abb677e7dacd4b48
GET /wp-admin/admin-ajax.php?action=esf-insta-customizer-style&ver=5.8.6 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-type: text/css; charset: UTF-8;charset=UTF-8
x-litespeed-cache-control: no-cache
content-length: 1166
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:17:15 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qO0g.woff
142.250.74.35 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qO0g.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 24652, version 1.1\012- data
Hash 05f626acd9d659f295d71fec7d1fe8b2
19a440d9ac08d72f4621777708a885b07e31a3e0
386751a38b8b78b87c846fee21dabb153d2884b21d622d61f7d6dc6a2fac854f
GET /s/playfairdisplay/v25/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtXK-F2qO0g.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:45:54 GMT
expires: Tue, 19 Mar 2024 14:45:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:13:15 GMT
content-type: font/woff
age: 27089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff
142.250.74.35 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 23776, version 1.1\012- data
Hash d5bc013806eeb7a073a0bff72b30af25
842175feb1e4f382d6982549cea166881a2b2632
8fd06f18e68aac35621698582f2ab34911e159ffb0231280e5b083f94e169096
GET /s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 10:47:26 GMT
expires: Tue, 19 Mar 2024 10:47:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:06:01 GMT
content-type: font/woff
age: 41397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-admin/admin-ajax.php?action=easy-facebook-likebox-customizer-style&ver=6.3.3
82.180.135.215 200 OK 28 kB URL HTTP/2 crissallesterapias.com.br/wp-admin/admin-ajax.php?action=easy-facebook-likebox-customizer-style&ver=6.3.3
IP 82.180.135.215:0
File type ASCII text, with very long lines (532)
Hash bfa8c915572b756ef45e8f29a71e4eac
97968bcd014d8e7910a441ad28e8e84f4892d44f
0bb14f7608786fa72ce24c347fd237170dc3c700d91672aacbd80661fd07482a
GET /wp-admin/admin-ajax.php?action=easy-facebook-likebox-customizer-style&ver=6.3.3 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-type: text/css; charset: UTF-8;charset=UTF-8
x-litespeed-cache-control: no-cache
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:17:15 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff
142.250.74.35 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 22980, version 1.1\012- data
Hash f2a7709803facad3132b46b739548369
7ae29ea1cc9e76acc69877d118fa5d4d61465b59
ca71ae7855c81379852da88328a11f97646e1aa1d38683c633c1d9dd28468355
GET /s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 10:47:26 GMT
expires: Tue, 19 Mar 2024 10:47:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:06:11 GMT
content-type: font/woff
age: 41397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff
142.250.74.35 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 23964, version 1.1\012- data
Hash 73cc56954f67bf7b1d9b786a7b58e1af
d6045eab1e92ae57be8954fbe613ad4b6342f24b
399ee57b8c0fc3639e7dd004f70256fa3efc5a7f25f6bd313dc6de58d6f123c5
GET /s/worksans/v13/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 10:47:26 GMT
expires: Tue, 19 Mar 2024 10:47:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 10 Nov 2021 18:06:11 GMT
content-type: font/woff
age: 41397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3229
Cache-Control: max-age=141580
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:17:23 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 13:37:03 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/all.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pt_BR/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash f15262792f272ca2d8fb5b1fb80671e0
c8c31919347847f9df49ce5981a90166f8551eb7
b4d52423e00d1d1b1c73a46e4460d031601a5187d16848b5bf9d2506f592c68e
GET /pt_BR/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 26ca130772251d2f6506d2960b30f733
etag: "3bd6b60192dc33a1453c5410f13e841c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Mar 2023 22:33:27 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 8VJieS8nLKLY+1sfuAZx4A==
x-fb-debug: EtZrvkTTvu+iuLHT6kl1J07vnCgwO+WOYp/VdE17JiBFsIccOwWKib5F98i6eC6VqjMgbQfdSAhmwM+47TKYkQ==
content-length: 1686
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash 4599403a49a361c750d6c7d8a410c743
a9bbdec66280f7ee5c4766ccc45fddbad16af2c3
80a17a133e51c6dadd6dc8f6b72dc3d6088110cd12de5fdf1a8286be09207e22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3820
Cache-Control: max-age=142171
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 22:17:23 GMT
Etag: "641854e2-1d7"
Expires: Wed, 22 Mar 2023 13:46:54 GMT
Last-Modified: Mon, 20 Mar 2023 12:43:14 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/all.js?hash=aaed2f95408add26134e9315c833817e
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/pt_BR/all.js?hash=aaed2f95408add26134e9315c833817e
IP 31.13.72.12:0
File type ASCII text, with very long lines (18743)
Hash 404f8b3e6cc288ecd90988c12f75e5cb
e697c7352b0be6285254080e138a1ce4ab5a6c63
da00b431678019d061208b30641bd0069dda941a13dfc7643fa3e8bb83e59710
GET /pt_BR/all.js?hash=aaed2f95408add26134e9315c833817e HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9fd37c029612ac435c637be025b5263e
etag: "1248e1f807fbc26169d907cb3539612e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 19 Mar 2024 19:26:10 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: QE+LPmzCiOzZCYjBL3Xlyw==
x-fb-debug: Y/WRYlCSifPb+fFRjNJBg5qUxi+qRtdqYofYa2Evw3YxpGxPH+bCGk/RGmpKiVjBuUCFmtGOgfYgKvOH1v3e9w==
content-length: 86995
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=https%3A%2F%2Fcrissallesterapias.com.br%2Fw-sec01bs%2Fauth.php%3Fohjqxtptbgmjgnvswvdr%26md%3Dohjqxtptbgmjgnvswvdr&sdk=joey&wants_cookie_data=false
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=https%3A%2F%2Fcrissallesterapias.com.br%2Fw-sec01bs%2Fauth.php%3Fohjqxtptbgmjgnvswvdr%26md%3Dohjqxtptbgmjgnvswvdr&sdk=joey&wants_cookie_data=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=395202813876688&input_token&origin=1&redirect_uri=https%3A%2F%2Fcrissallesterapias.com.br%2Fw-sec01bs%2Fauth.php%3Fohjqxtptbgmjgnvswvdr%26md%3Dohjqxtptbgmjgnvswvdr&sdk=joey&wants_cookie_data=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://crissallesterapias.com.br/
Origin: https://crissallesterapias.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://crissallesterapias.com.br
fb-s: unknown
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: cYU8rmXqp2HkUC8ibAqd1gwB8pIdaCFuHotIcFaQX/lszCl60/BgD6RXAHT20MX3ORQBzSBm/u/3WDUx3yKYuw==
content-length: 0
date: Mon, 20 Mar 2023 22:17:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
82.180.135.215 404 Not Found 15 kB URL HTTP/2 crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
IP 82.180.135.215:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2897), with CRLF, LF line terminators
Hash 791b84f7db18dea2742e215de8a84f35
6e5253a83380b995e1dcc0b2ffd5d0c5bf8a2e47
2ebaa9f902941734376ecb1f06124f61b41a6e0680bd66884070c5c788ee7712
GET /w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://crissallesterapias.com.br/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: f09_HTTP.404,f09_404,f09_URL.0317177a6274fa76ceb0969ee4883abf,f09_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Mar 2023 22:17:13 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/wbsDCtYXM_i.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/wbsDCtYXM_i.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 1aa2dbc9be9cae82b7cf21872776efe1
2dcae683c78a38eb6dab1d1f700091fea467efc7
066173320f5267019109527a296941d85c6d54bfccd1bf832ea1f3999a86c8e5
GET /rsrc.php/v3/yW/l/0,cross/wbsDCtYXM_i.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 19 Mar 2024 17:19:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: GqLbyb6croK3zyGHJ3bv4Q==
x-fb-debug: iU32SnckxyZp6CX/9nlPGigSkhWqW+pgRFtTMQx2b7mFLy5WoWu7cz/ym8bjT4bpO66UeeWD0TGA1ZFpU/Y3Ng==
content-length: 4828
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 830 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash d63a02ce87c07ffcfa869fef7fc5f233
cae745fef84088abe3525bb77f75c55cd1d4cc2c
bf9d4d71541a0a1f31b10be351add847ee935da6de355756314c8ca96512444d
GET /rsrc.php/v3/yn/l/0,cross/-HGPTKcj37t.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 13 Mar 2024 01:34:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 1joCzofAf/z6hp/vf8XyMw==
x-fb-debug: JykirIjWm+Jqd3gX1LmsOxMfNB2bGGERC4yT05HqQwxcKy1nY5LMF1E42O3L8QHf9RHXCtLGWju+SowxSObiKQ==
content-length: 830
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y_/r/cQ42bRjbU1L.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 83 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y_/r/cQ42bRjbU1L.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18631)
Hash 4aa36c44e7cafe4bc43791979b7a856d
942247a1751bdac1446171bd2a769f898089d9ab
5b17447d4bcada83bb7409346680d7c510820356d64d660c1067bde6ff4f581d
GET /rsrc.php/v3/y_/r/cQ42bRjbU1L.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Mar 2024 21:17:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: SqNsROfK/kvEN5GXm3qFbQ==
x-fb-debug: YLyPhcjGJ88xyYgUnhDb+RozsqCHkifWS8jytqyu2QHYq2NYF1SRv6VHx3WxPlqisdRCP20Hk7wMgXQfRB6XHA==
content-length: 83163
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yT/r/OJCMaWZXA92.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yT/r/OJCMaWZXA92.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 7b5d6f17d6a6871b29b0d08f6b5a4068
323d7d3de48389d16faeabbe00cd28bbd3977c59
3293ea0538ae7251b96682e5c9193a917cad8ad67308dbc317e54656905f9835
GET /rsrc.php/v3/yT/r/OJCMaWZXA92.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 17:00:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: e11vF9amhxspsNCPa1pAaA==
x-fb-debug: bVubqDcDt+K/YRcQvbx4NVM2IFMRmAIol+iuK6W/YIlwqkr6bqUCHpEjEyjhcWClheV2eB2NkEiClGXfZJtxUg==
content-length: 12463
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/_5YqHABAlvy.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yl/r/_5YqHABAlvy.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10442)
Hash 49828b77b18215a05ae94807e42fa52d
1ae9ad4908b1634a061636798a8f9d41d587eec4
ff250bc916f5deab1702dbfa4808f0c5192575bb5b5bf21a2fb47de126ecc1a4
GET /rsrc.php/v3/yl/r/_5YqHABAlvy.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 19 Mar 2024 16:05:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: SYKLd7GCFaBa6UgH5C+lLQ==
x-fb-debug: MVwRP00CmydejdmmIZ/i40FjHDhkRPhxTErWj0aLI2nNfTzd4aafB1YF766JbpGE9qbIqv50wIOUhslWqGngnw==
content-length: 16335
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/lBHJxasLvo5.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/lBHJxasLvo5.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash bfe25f70763a42364b0bc16a4309b150
f148b2300060c630e88eaf982d5e09541efa473d
89ac1652f0bdf9be4474515a27459b32a5e53be473eed8057d6e6a6a6eb5e595
GET /rsrc.php/v3/yi/r/lBHJxasLvo5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 17:00:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: v+JfcHY6QjZLC8FqQwmxUA==
x-fb-debug: vOS4LfgNKxsyUHhjCiSZYZUHNslKeP4fdmQ2htOnCM9F8NlS9jHkrPVqBPLRChFOvte0o+xC/kUNUZf4/iuKsQ==
content-length: 1702
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yg/r/S16mcmorP4p.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 6.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yg/r/S16mcmorP4p.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (5850)
Hash 38ec81faa0f55eba594a5602d904bab4
576ae20a01979ac795eed03745227d51d3e73b5b
2bad066a04039beefc2fe98a3953135a77471e0b68eea069833ea8ebb3971fc4
GET /rsrc.php/v3/yg/r/S16mcmorP4p.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 21:10:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: OOyB+qD1XrpZSlYC2QS6tA==
x-fb-debug: 3PpW0GUqw2FgDni/WCA7n3kXOuz2jpGKd8rtwixt/fvp2RyBRmGqcQpzq7hOGrV63PCsKh4wn62Dp/b42HxxGA==
content-length: 6377
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y7/r/Gy_e8cS9uuZ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y7/r/Gy_e8cS9uuZ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8698)
Hash 653e6bb3111a1b777aa59244d9f20979
4f8c7ace6198f7afa31ce4b039621a2ca69dc5d7
3037408584f8820e2c8c1707428b74e5ce388a03211662f4d3df7c43e3727621
GET /rsrc.php/v3/y7/r/Gy_e8cS9uuZ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Mar 2024 21:10:45 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: ZT5rsxEaG3d6pZJE2fIJeQ==
x-fb-debug: hOx36q8VUogFGBKvc012YkUoqQHWSo/qRqmM+yyCdZ24qk5z6iIsocQvyTeIPHeqEIRp694W18NmUzjhiR+B9w==
content-length: 16399
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yE/l/pt_BR/3Jf5mU8JWa0.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iM-F4/yE/l/pt_BR/3Jf5mU8JWa0.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (41973)
Hash 6b4f803ae9320a5080e91ea160d52fbb
9fc0229529d8301548ec4d26c6510b4cd200e76e
2c5784a96af538f570f7be9df47a1cd49704d583201722d8bf14db333ec60fe9
GET /rsrc.php/v3iM-F4/yE/l/pt_BR/3Jf5mU8JWa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 14 Mar 2024 14:58:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: a0+AOukyClCA6R6hYNUvuw==
x-fb-debug: Jr+qeWSoBg8hzqDNsTJdhu26VbI0TM/Z9x73exFeWUUoTFivCYgxfTn5f8EAH6pAfm/4wTM6pFKzsAygKDmcCw==
content-length: 22885
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3ika84/yy/l/pt_BR/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 9.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3ika84/yy/l/pt_BR/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5962)
Hash 54af1c08124766e17c274363f887f6b0
525e991e9c71d10207f7706ba24152ef86a9d134
e01dab298f13b10b65ddf4a42f29faab65aa1fc6112a6154de47cf9e4fe465d0
GET /rsrc.php/v3ika84/yy/l/pt_BR/SV0HgmB8RsT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 14 Mar 2024 18:43:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: VK8cCBJHZuF8J0Nj+If2sA==
x-fb-debug: FFYWUx1VD0K8ARyqwu4c6YZpXuBu4sWehnxDUPIc3TR3/eAlyCkid5E+0W5DIqsMM8w6KCtaFSo+KPWweo9KKw==
content-length: 9065
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/T7DAr9Vaj3m.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 7.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/T7DAr9Vaj3m.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4643)
Hash 77d84b30ec3843e5259f6a11543ccc13
ecdd4cdd4b335676c4384f4e02b74030ae3a2b60
82000e8e0a9d2a621f028b3adbb8b3b29099b5b3f4b5720e7b15a88ba3d605b9
GET /rsrc.php/v3/yR/r/T7DAr9Vaj3m.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Mar 2024 17:23:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: d9hLMOw4Q+Uln2oRVDzMEw==
x-fb-debug: BZ7yzE3rM0k2Vjlq9bSorccwW3AK9rEJEiJQBnbzTPxOd9OqmnQJUmsKm9vneeSQf7Iw5CK+dxu2412KA0RgBg==
content-length: 7395
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 1.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1491)
Hash 1bde0ac6621dfc6b3a6e6a5f9b4e3f45
4b50211745019eede9493f2503e7975e71854e2c
f8c8d80f77bb77658e81b5b457481a4a34aa09c7d2e1839fe5e8bb598794c5c8
GET /rsrc.php/v3/yY/r/V8jK12UmQ6C.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 06 Mar 2024 20:46:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: G94KxmId/Gs6bmpfm04/RQ==
x-fb-debug: h5j1i8Zo6b0u3RavwkE0NorJSxEAzTeDPavH4xSwyLUWuhXn8f2pUHXndbb/ytn2QFsM1CCLe7+31igho3CPgQ==
content-length: 1248
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 782 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1130)
Hash 4cb0a14280e1518ce924569d0d94ecd4
b9a0878c671e0eb91d93cda7ab58e625d63e3b76
45663b2e683e50c831a09116470186da9c27eb92764aa3a0da8e925a94ca1d80
GET /rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 17:00:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: TLChQoDhUYzpJFadDZTs1A==
x-fb-debug: UFufcoBs5TIKj0CTsffoo8lZE6JOpvqjOKxYembU0K0wMjAOI9rVEWGHlYaU2BxypVXjPOrOR+kAEGl2OBd1/g==
content-length: 782
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 9.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5531)
Hash ceb7a84fd8598da30c60c449d40133ce
4f461d97216d437c00438873a1e0f7b708a39363
69af754dcd499789c8c7803b27e5e83343c8d93ce359e91cf3c274f759730321
GET /rsrc.php/v3/y-/r/Wtl6tMxz2hH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 12 Mar 2024 15:58:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: zreoT9hZjaMMYMRJ1AEzzg==
x-fb-debug: Zr44WqWmpECSBhMXj7azcBQrKIbgWQfXiYEl0zM5WLpNUiKV1z8oPDTot5vT6sHZ7FPxvh24V3/kP/vOJkoXHA==
content-length: 8978
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iL6L4/y_/l/pt_BR/c5k5wPU5WEN.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 80 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iL6L4/y_/l/pt_BR/c5k5wPU5WEN.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
Hash 24d3c229d6d58b0c873aef4cbea8caf8
9e67577bb287e23a07909e02e56fb38b27d38dad
d03795964b912678f2933bd99d1564a1d6033b3997d40186d396fe6b27dc53a6
GET /rsrc.php/v3iL6L4/y_/l/pt_BR/c5k5wPU5WEN.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 16 Mar 2024 05:23:01 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
origin-agent-cluster: ?0
content-md5: KB+xM2cjqaShgAbOYamyFw==
x-fb-debug: Elty9yNZmkMAxXEuOwc2O3NyI9dRZEPTz+11FhDUvbWFRPc5xUtuH+g5AeojVcXM96NoUE2mAzNKUaWGq7p4PA==
content-length: 61600
x-fb-trip-id: 1904183273
date: Mon, 20 Mar 2023 22:17:24 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
0 B URL static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP :0
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb415f0c2ffa32%26domain%3Dcrissallesterapias.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcrissallesterapias.com.br%252Ff891257e2d1dba%26relation%3Dparent.parent&container_width=340&height=415&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fcrissalless&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=350px
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb415f0c2ffa32%26domain%3Dcrissallesterapias.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcrissallesterapias.com.br%252Ff891257e2d1dba%26relation%3Dparent.parent&container_width=340&height=415&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fcrissalless&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=350px
IP 31.13.72.36:0
GET /plugins/page.php?adapt_container_width=true&app_id=395202813876688&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb415f0c2ffa32%26domain%3Dcrissallesterapias.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcrissallesterapias.com.br%252Ff891257e2d1dba%26relation%3Dparent.parent&container_width=340&height=415&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fcrissalless&locale=pt_BR&sdk=joey&show_facepile=true&show_posts=true&small_header=false&width=350px HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: /gHLcbsHK990F12P4T42PuUXpCJUtQfrsEYBJKVJooIbevnUpwmkGXQW58V7ToQ11xdYlED60r1t5YSmDZx+FQ==
date: Mon, 20 Mar 2023 22:17:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
82.180.135.215 200 OK 0 B URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
IP 82.180.135.215:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Sep 2020 18:46:48 GMT
etag: "1f7f2-5f4e9718-4560477519cd1235;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45254
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
82.180.135.215 200 OK 0 B URL HTTP/2 crissallesterapias.com.br/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
IP 82.180.135.215:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9 HTTP/1.1
Host: crissallesterapias.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://crissallesterapias.com.br/w-sec01bs/auth.php?ohjqxtptbgmjgnvswvdr&md=ohjqxtptbgmjgnvswvdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Mar 2023 22:17:14 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 14:47:41 GMT
etag: "5d1fc-618e7e8d-5becad1a5bcb0bba;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 94254
date: Mon, 20 Mar 2023 22:17:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2