Report - go.offerwave.org/aff_c?offer_id=1936&aff_id=1594&aff_sub=pp71&file

Report Overview

Submitted URL
go.offerwave.org/aff_c?offer_id=1936&aff_id=1594&aff_sub=pp71&file_id=5239
IP
34.241.40.98
ASN
#16509 AMAZON-02
Submitted
2023-05-27 10:02:26
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
go.offerwave.org	916542	2019-05-13	2019-06-13	2023-05-26	530 B	1.8 kB	34.253.72.70
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22	2023-05-26	672 B	4.7 kB	192.124.249.24
s3.amazonaws.com	unknown	2005-08-18	2020-05-13	2023-05-26	917 B	40 kB	52.217.78.86
stats.vidalytics.com	153185	2007-05-15	2017-02-08	2023-05-26	3.1 kB	1.9 kB	107.178.211.97
go.maxweb.com	389866	1995-07-17	2018-04-27	2023-05-26	582 B	568 B	172.66.43.113
licensing.bitmovin.com	19299	2013-01-21	2017-01-30	2023-05-26	525 B	600 B	35.227.229.24
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-05-26	480 B	11 kB	104.17.24.14
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-26	1.3 kB	2.8 kB	142.250.74.3
quick.vidalytics.com	193746	2007-05-15	2018-05-11	2023-05-26	4.2 kB	2.9 MB	151.101.129.91
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-26	660 B	1.9 kB	104.18.14.101
analytics-ingress-global.bitmovin.com	47119	2013-01-21	2017-08-18	2023-05-26	526 B	487 B	35.190.27.197
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-26	965 B	37 kB	142.250.74.106
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-26	340 B	944 B	54.230.80.227
www.pm4trk.com	unknown	2022-09-09	2022-09-10	2023-05-26	552 B	961 B	34.120.219.72
brazilianhardeningsecret.com	unknown	2022-11-15	2022-11-15	2023-05-26	5.2 kB	1.1 MB	207.246.84.63
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-26	435 B	55 kB	142.250.74.168
ocsp.godaddy.com	698	1999-03-02	2012-05-20	2023-05-26	990 B	6.9 kB	192.124.249.23

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-27	medium	brazilianhardeningsecret.com/shared/js/jquery.3.4.1.min.js
2023-05-27	medium	brazilianhardeningsecret.com/shared/js/ouibounce.min.js
2023-05-27	medium	brazilianhardeningsecret.com/v/css/app-modal.css?v=1.2
2023-05-27	medium	brazilianhardeningsecret.com/v/css/ouibounce.min.css?v=1.2

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c	341 B	2023-03-14	2023-09-19
Pretty URL brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 13:17:09 Last Seen2023-09-19 16:05:43 Times Seen130 Hash d7196ac41b979b84e4ca0718d8fb0441 53d25d0b22837b4e18923c0cd1693d6a78af5532 72c622e0830c8bff2e7e02f1c00a008790d098c2b98785d3c1cbd77be22f9dea Loading...

	quick.vidalytics.com/embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/loader.min.js	43 kB	2023-05-25	2023-05-29
Pretty URL quick.vidalytics.com/embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/loader.min.js IP 151.101.129.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 15:49:38 Last Seen2023-05-29 20:37:09 Times Seen67 Hash 0b40eac10abfa173dd15ed88dfd983ba 313e05ed934fd869fba022913dc9bfcb8cedf848 b9aa980b92fb41a4d39918d978ca3f45a9780eb965a530f94ec5b0b02de62e95 Loading...

	unknown	2.2 MB	2023-05-25	2023-05-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 15:49:38 Last Seen2023-05-29 20:37:09 Times Seen57 Hash e1a7c8f75602cd6c388fcc95904f302d 47f6b500b628bf7a860ebd7eb7500e073a3eb9ca f5e0d429c12fdf5676275620570320c4d72cd50f656558f132dd97d0cbd4c6fd Loading...

	unknown	61 B	2023-05-07	2023-09-16
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-07 16:11:07 Last Seen2023-09-16 18:24:03 Times Seen123 Hash 430ec24199669bd6a933a225889ccb40 693e8e6439e16e1eff4b565abb72db834a533d45 20ff7bbdca3c7e5216f8e23a467b237ee16672d832eebded1790e1cb15c4f363 Loading...

	unknown	819 B	2023-03-07	2023-09-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:29:27 Last Seen2023-09-19 16:05:43 Times Seen130 Hash 61c0a19f649856fd7953abe24e2dad6e e4bd4b5865d314b0b02ff4b67138430e4b34d41d c7e02e36ab5162ef3c737d2d7af8fe20769e7ce0ad0af19c7cce670ccabf9d14 Loading...

	brazilianhardeningsecret.com/shared/js/ouibounce.min.js	1.6 kB	2023-03-07	2024-04-03
Pretty URL brazilianhardeningsecret.com/shared/js/ouibounce.min.js IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:16 Last Seen2024-04-03 14:46:10 Times Seen417 Hash 0067986dd93b7869e9dd229ff44251ac 3e89404238b959ac1d3c113b21cde64ac95ad267 b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-24 09:35:34 Times Seen341204 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c	1.4 kB	2023-03-07	2023-09-19
Pretty URL brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:29:27 Last Seen2023-09-19 16:05:43 Times Seen130 Hash e911963a9b615264c0614ded1e02a158 3a8af99064025a86ea5289bf69e4f201ed166938 655fe2097bd235aa2edd98dcdd7a662582e563ab297f18d48e7c2d8577e32e18 Loading...

	brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c	427 B	2023-05-27	2023-05-27
Pretty URL brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-27 12:02:28 Last Seen2023-05-27 12:02:28 Times Seen1 Hash a95befab78bc22617f3f03fc38a08f1d 6c4d9a4ce5cdb5420a158c741574973c3fe21c30 6d545cdbdea34c62cba14c90b79696ac087ee46c192b5f8ae904e79e1415c95e Loading...

	www.googletagmanager.com/gtm.js?id=GTM-W563M54	152 kB	2023-05-27	2023-05-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-W563M54 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-27 12:02:28 Last Seen2023-05-27 12:07:10 Times Seen6 Hash d72fe7885010cacccbac8f6bc9c8e6ab 210531e72e56ff1aa63d3c39f9daaa8f072d8620 536ca6329f8c3110c908e5d676ea49a5b8713d6c0e4d0e4ad494a352eaa4db49 Loading...

	brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c	1.2 kB	2023-03-14	2023-05-29
Pretty URL brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 13:17:09 Last Seen2023-05-29 20:37:09 Times Seen118 Hash b5ab433ac3809aad0bd2b0a59d2781c0 e247d09689c680fd7eba318161fb4605ea25e618 a096d2fad9f822979983583679bc0e0055cf0af03014b8a2c23199cba4f0a8b9 Loading...

	brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c	186 B	2023-03-07	2023-09-19
Pretty URL brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:29:27 Last Seen2023-09-19 16:05:43 Times Seen123 Hash c4794a42c09a78a6d670250278c785ad da2f6de00ffafa3f45397ee01e604fb74039edbd 8af04b1a1f290e922e543c5586a6f8b9156606a04c741daf785c367293bce532 Loading...

	brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c	2.3 kB	2023-03-14	2023-05-29
Pretty URL brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 13:17:09 Last Seen2023-05-29 20:37:09 Times Seen118 Hash b0283771863bcb82da5d06c5c7dd5e1f fbd46f2b88659660f07cffdf18170e40362b6bad 2227e4b1c69cbb910e2c4691f37210ec3a81581a94fd72a70d7d4a8074e95717 Loading...

	brazilianhardeningsecret.com/v/sandbox%20eval%20code	147 B	2023-04-11	2024-04-24
Pretty URL brazilianhardeningsecret.com/v/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-24 09:35:34 Times Seen341699 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	brazilianhardeningsecret.com/shared/js/jquery.3.4.1.min.js	88 kB	2023-03-07	2024-04-24
Pretty URL brazilianhardeningsecret.com/shared/js/jquery.3.4.1.min.js IP 207.246.84.63 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-24 09:35:35 Times Seen95400 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

HTTP Transactions (45)

URL IP Response Size

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
66850db78c52cbd4090f787f27be7477
c2a4088de4d2641698357fe9d3d6326675dd4291
d9cffbc6f6e9715199ac52903bd765b6f8d190d87d15e0c536de72f4d04a7dfc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 10:02:07 GMT
Last-Modified: Sat, 27 May 2023 09:40:06 GMT
Server: ECAcc (dcb/7FD4)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -Malf5X_LbY04_dFXUY1GQeBa9O0h7cO1QR__1HiN9BTojrt-6nRzg==
Age: 1321

go.offerwave.org/aff_c?offer_id=1936&aff_id=1594&aff_sub=pp71&file_id=5239

34.253.72.70

302 Found

300 B

URL User Request GET HTTP/1.1
go.offerwave.org/aff_c?offer_id=1936&aff_id=1594&aff_sub=pp71&file_id=5239
IP
34.253.72.70:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectgo.offerwave.org
Fingerprint5D:59:21:2E:FB:15:2E:13:B3:82:5A:C9:1C:C8:ED:A6:72:1B:B9:01
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sat, 09 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
300 B (300 bytes)
Hash
946695ee93802378137148e4b8b6c6b3
ea74d32d551946d824da66be012b8690e4867d57
e84f7ac68a5409b6a5d291fd7b419873bf190ffa2e1793d38c757dcba61e997c

HTTP Headers

GET /aff_c?offer_id=1936&aff_id=1594&aff_sub=pp71&file_id=5239 HTTP/1.1
Host: go.offerwave.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 27 May 2023 10:02:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 300
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.pm4trk.com/549S3BK/7M3CLC/?sub1=pp71&sub2=102003157b16a3660df08a7584c43e&sub3=1936&sub4=1594
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_1936=ENC03df9e8d697160ec16822c0b81cc35b0ff3248b1eefce2fcc834e62bfbea0b984bd343aceabc5964073b181bc327c9f399e4f2a3fcc0b848583f4cee842197df75302f42dd40b127ba613526876d07fbc8e5ade1f183b514434aa5a1d1ca9b60cec2a2dae6b8fceab1db844547e12e53c1a40bb7e389b07382090a06162bda132b2775512c; expires=Tue, 27 Jun 2023 10:02:07 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCBYODZfNjQ7IFJ2OjEwOS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzExMS4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Mon, 20 Apr 2026 20:42:07 GMT; path=/; SameSite=None; Secure
Tracking_id: 102003157b16a3660df08a7584c43e
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 5b8726ec5e78f3f6b0143c90eba88cd8
Access-Control-Allow-Headers: Tune-SDK-Version

ocsp.starfieldtech.com/

192.124.249.24

1.8 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
4540589182aa9ddd68b8ee10099e7f31
eb4a3eaa8621623fb19c703cab8efb75ce27b625
d5ebed01ad785c892de51d8c8c6debfc74f07a82ff12bb4ce22876ad157c7028

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 27 May 2023 10:02:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 27 May 2023 05:03:11 GMT
Expires: Sun, 28 May 2023 05:03:11 GMT
ETag: "eb4a3eaa8621623fb19c703cab8efb75ce27b625"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.pm4trk.com/549S3BK/7M3CLC/?sub1=pp71&sub2=102003157b16a3660df08a7584c43e&sub3=1936&sub4=1594

34.120.219.72

302 Found

198 B

URL User Request GET HTTP/2
www.pm4trk.com/549S3BK/7M3CLC/?sub1=pp71&sub2=102003157b16a3660df08a7584c43e&sub3=1936&sub4=1594
IP
34.120.219.72:443
ASN
#15169 GOOGLE

Certificate
IssuerStarfield Technologies, Inc.
Subjectbsdhsjre22jd.com
Fingerprint96:82:27:15:05:56:BE:A9:0D:30:9B:BA:E8:3C:E1:68:2C:3B:33:DA
ValidityFri, 09 Sep 2022 19:03:23 GMT - Thu, 13 Jul 2023 17:25:38 GMT

File type
HTML document, ASCII text
Size
198 B (198 bytes)
Hash
75eee02d6d1deb9328423790aeeb8ab7
91f35f6d96aa96d3925cdf3c392557029701cf0b
3ebaa1ba6130c98ac16f319f487a7dda68612666f6a106a56b3ab72c65bd27fd

HTTP Headers

GET /549S3BK/7M3CLC/?sub1=pp71&sub2=102003157b16a3660df08a7584c43e&sub3=1936&sub4=1594 HTTP/1.1
Host: www.pm4trk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 27 May 2023 10:02:07 GMT
content-type: text/html; charset=utf-8
content-length: 198
accept-ch: Sec-Ch-Ua-Platform-Version
location: https://brazilianhardeningsecret.com/?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
set-cookie: uniqueClick_7M3CLC=021db9f3-f4f4-46b9-9424-2c0d441e377b:1685181727; Path=/; Expires=Sun, 28 May 2023 10:02:07 GMT; Secure; SameSite=None
transaction_id=e2e02c571a754df087c5e78664a7191c; Path=/; Expires=Fri, 25 Aug 2023 10:02:07 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: b98289b3-1f00-48bd-a316-15ea5db2d70b
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.23

1.8 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
4540589182aa9ddd68b8ee10099e7f31
eb4a3eaa8621623fb19c703cab8efb75ce27b625
d5ebed01ad785c892de51d8c8c6debfc74f07a82ff12bb4ce22876ad157c7028

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 27 May 2023 10:02:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 27 May 2023 05:03:11 GMT
Expires: Sun, 28 May 2023 05:03:11 GMT
ETag: "eb4a3eaa8621623fb19c703cab8efb75ce27b625"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

brazilianhardeningsecret.com/?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c

207.246.84.63

302 Found

0 B

URL User Request GET HTTP/2
brazilianhardeningsecret.com/?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
cache-control: max-age=2592000
expires: Mon, 26 Jun 2023 10:02:08 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c

207.246.84.63

200 OK

8.1 kB

URL User Request GET HTTP/2
brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (659)
Size
8.1 kB (8085 bytes)
Hash
df18129a1f7e1a0a4815f4b6ccfdc16a
a4db2183c87296860c6187a0a53c1eb69c4a000e
b5dc07f8443880b6eef64ce4cd3b93a8fbd174d307b85a141b8cd14ca5e9dabc

HTTP Headers

GET /v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: text/html; charset=UTF-8
content-length: 8085
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: max-age=300, must-revalidate
set-cookie: PHPSESSID=e53ekdn1gd4kurhavapmdqh6va; path=/
affid=2540; expires=Tue, 11-Jul-2023 10:02:08 GMT; Max-Age=3888000; path=/
beenhere1=beenhere; expires=Fri, 25-Aug-2023 10:02:08 GMT; Max-Age=7776000; path=/
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css?ver=5.13.0

104.17.24.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css?ver=5.13.0
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (58392)
Size
10 kB (10301 bytes)
Hash
76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/css/all.min.css?ver=5.13.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 10:02:08 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6167209
expires: Thu, 16 May 2024 10:02:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B81ueNn1jKrVjbKdyQwr8nLVYZoTFmBy6mYl58i%2FZ1cr6VHiM0PfL5vSyu0h%2BHznHo1d0Iayg5xHUA5fvu61ihOYyAf1M3jr4CdlAMutXB4imXtJ%2FUzTud3UEv%2Ft%2FhluKHlzqaA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cdd6bac6b790b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 10:02:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 10:02:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9a762a1e577f4b078f4ad3de865303f
87d0f23fd6fc8378d53f72301c4444b362e4f3c9
44773657e91b7a1facdbc5538fea70b8dea0e1cdc850f4ee3eaee0d84bb02088

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 10:02:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

brazilianhardeningsecret.com/v/css/dlandvsl.css?v=1.3

207.246.84.63

200 OK

2.6 kB

URL GET HTTP/2
brazilianhardeningsecret.com/v/css/dlandvsl.css?v=1.3
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type
ASCII text
Size
2.6 kB (2569 bytes)
Hash
c3e80bf1571cf3b33cec97ec4fa2a903
c74076d44bb8577f1793af9115744110c853ba57
462d419b95a350c580882c9b7d65b4bc7bb272c7c86930fe0b2b1143fd10db24

HTTP Headers

GET /v/css/dlandvsl.css?v=1.3 HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Cookie: PHPSESSID=e53ekdn1gd4kurhavapmdqh6va; affid=2540; beenhere1=beenhere
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: text/css
last-modified: Sat, 28 Jan 2023 17:08:58 GMT
vary: Accept-Encoding
etag: W/"63d556aa-2479"
expires: Mon, 26 Jun 2023 10:02:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-W563M54

142.250.74.168

200 OK

54 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-W563M54
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintEB:A2:AF:B3:20:F1:B1:77:23:0B:85:D2:B1:16:33:A7:97:49:EE:51
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT

File type
ASCII text, with very long lines (13699)
Size
54 kB (53937 bytes)
Hash
d72fe7885010cacccbac8f6bc9c8e6ab
210531e72e56ff1aa63d3c39f9daaa8f072d8620
536ca6329f8c3110c908e5d676ea49a5b8713d6c0e4d0e4ad494a352eaa4db49

HTTP Headers

GET /gtm.js?id=GTM-W563M54 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 May 2023 10:02:08 GMT
expires: Sat, 27 May 2023 10:02:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 27 May 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9a762a1e577f4b078f4ad3de865303f
87d0f23fd6fc8378d53f72301c4444b362e4f3c9
44773657e91b7a1facdbc5538fea70b8dea0e1cdc850f4ee3eaee0d84bb02088

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 10:02:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

brazilianhardeningsecret.com/shared/js/jquery.3.4.1.min.js

207.246.84.63

200 OK

31 kB

URL GET HTTP/2
brazilianhardeningsecret.com/shared/js/jquery.3.4.1.min.js
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30561 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /shared/js/jquery.3.4.1.min.js HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Cookie: PHPSESSID=e53ekdn1gd4kurhavapmdqh6va; affid=2540; beenhere1=beenhere
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 15:19:17 GMT
vary: Accept-Encoding
etag: W/"6384d175-15851"
expires: Mon, 26 Jun 2023 10:02:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

s3.amazonaws.com/flora-spring/animated-button.gif

52.217.78.86

200 OK

31 kB

URL GET HTTP/1.1
s3.amazonaws.com/flora-spring/animated-button.gif
IP
52.217.78.86:443
ASN
#16509 AMAZON-02

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT

File type
GIF image data, version 89a, 518 x 184\012- data
Size
31 kB (31419 bytes)
Hash
92a21f7cace8422fcd95e5fca547ceb1
90cd6495fd1a57b69ad1584bc26fc85e43da209f
c42dc7cb24b560ef4d979f5ff7ab11d61ff2bb13ce7d78b7eb21ed8d15c4e4bd

HTTP Headers

GET /flora-spring/animated-button.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: hMNWGs1ZxqyGO3wb4TwZWUmWhO982jXqYIFB4RuvkZSXFdhA62/E73gz2RmbfXlS+JPVP4IpMnk=
x-amz-request-id: G7MZ5RS092BTW9G8
Date: Sat, 27 May 2023 10:02:10 GMT
Last-Modified: Fri, 19 Jun 2020 14:28:38 GMT
ETag: "92a21f7cace8422fcd95e5fca547ceb1"
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 31419

quick.vidalytics.com/embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/loader.min.js

151.101.129.91

200 OK

11 kB

URL GET HTTP/2
quick.vidalytics.com/embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/loader.min.js
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (42544), with CRLF, LF line terminators
Size
11 kB (10568 bytes)
Hash
0b40eac10abfa173dd15ed88dfd983ba
313e05ed934fd869fba022913dc9bfcb8cedf848
b9aa980b92fb41a4d39918d978ca3f45a9780eb965a530f94ec5b0b02de62e95

HTTP Headers

GET /embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/loader.min.js HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ADPycds9h2s5-qOwm3YPoG30pjLvhrsw5hY0I8vNh72qShvCWtTExbyrKt1KKTkX9ZyHTkXTPvCprcct6e6RxxS3fWr70w
expires: Sat, 27 May 2023 10:02:09 GMT
last-modified: Thu, 25 May 2023 04:09:50 GMT
etag: "19be50591bf07cc2e45d0d07492cbcad"
x-goog-generation: 1684987790457099
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10568
content-type: application/javascript; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=A72X/g==, md5=Gb5QWRvwfMLkXQ0HSSy8rQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:09 GMT
age: 0
x-served-by: cache-iad-kcgs7200146-IAD, cache-bma1660-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1685181729.101157,VS0,VE122
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
cache-control: public, max-age=180, s-maxage=180
x-cdn-info: loader
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10568
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
2a74ef84f82ce36e620969eb006a01a0
7575a8666cfb7ec6a19244f6b8f33f89cc3dee6b
5cc08ba4b7ceace42a29915690ebea315f3ef6d4b5aef5a8ff06ce1fea327be0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 27 May 2023 10:02:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 24 May 2023 12:56:27 GMT
Expires: Wed, 31 May 2023 12:56:26 GMT
Etag: "7575a8666cfb7ec6a19244f6b8f33f89cc3dee6b"
Cache-Control: max-age=355456,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cdd6bafeac7b4f4-OSL

brazilianhardeningsecret.com/v/img/Rock_Hard.png

207.246.84.63

200 OK

1.1 MB

URL GET HTTP/2
brazilianhardeningsecret.com/v/img/Rock_Hard.png
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type
PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size
1.1 MB (1071086 bytes)
Hash
0273049b9443f4bab81391b8f610e414
87c97b7f3e50da17c3db27a5e0d45e5751818231
ded7056d49105e55ed9a1eb0c60f71781d1fb74a20c7bfa56546d06e494ef95a

HTTP Headers

GET /v/img/Rock_Hard.png HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Cookie: PHPSESSID=e53ekdn1gd4kurhavapmdqh6va; affid=2540; beenhere1=beenhere
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:19:17 GMT
vary: Accept-Encoding
etag: W/"6384d175-6ea1a"
expires: Mon, 26 Jun 2023 10:02:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

s3.amazonaws.com/5hardeningfruits/favicon.png?v1

52.217.78.86

200 OK

7.5 kB

URL GET HTTP/1.1
s3.amazonaws.com/5hardeningfruits/favicon.png?v1
IP
52.217.78.86:443
ASN
#16509 AMAZON-02

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
7.5 kB (7505 bytes)
Hash
38e432dea39b78bb4da8f0f632de7a90
a440f4ceb7137bd05f7a503da212edefcb0bce08
5cdd0ec4a9ecfd5477eeef0d377a38b5b59bdc51e9b6af85dfa95abfc5766d0e

HTTP Headers

GET /5hardeningfruits/favicon.png?v1 HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: HxsGdglALkEX0Uw31P11tskPksROjzBV9yUORGd50i9LxQo/WRCuLD/kaskL4di6Rq9iqJCg6Vw=
x-amz-request-id: G7MHAJPDSKXVZ221
Date: Sat, 27 May 2023 10:02:10 GMT
Last-Modified: Sun, 03 May 2020 02:29:15 GMT
ETag: "38e432dea39b78bb4da8f0f632de7a90"
Cache-Control: public,max-age=604800
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 7505

quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/thumb/preview-5_0.jpg

151.101.129.91

200 OK

1.7 kB

URL GET HTTP/3
quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/thumb/preview-5_0.jpg
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 88x50, components 3\012- data
Size
1.7 kB (1715 bytes)
Hash
667129fdbcfe2f69aeb5e843d0c2cab3
2a8f24dbbf3af09eb738acbaf068aea7cc3654c6
6e426a6164f86a5da78a075f426562a376082091e71f39ba05424a8ae0551755

HTTP Headers

GET /video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/thumb/preview-5_0.jpg HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1715
x-guploader-uploadid: ADPycdu9CjyZfNZX7cXlur6xzxqYF4FF4yezD-p5UZ6fB9OUv4mw39kUz6mrx79iiXwYkrBoVfqzSkFfQh9banOGZzn-hw
cache-control: public, max-age=31104000
expires: Fri, 26 Apr 2024 08:24:07 GMT
last-modified: Wed, 16 Nov 2022 19:54:08 GMT
etag: "667129fdbcfe2f69aeb5e843d0c2cab3"
x-goog-generation: 1668628448081874
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1715
content-type: image/jpeg
x-goog-hash: crc32c=x7Xn4A==, md5=ZnEp/bz+L2mutehD0MLKsw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:09 GMT
age: 2165882
x-served-by: cache-iad-kjyo7100164-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 7356, 1
x-timer: S1685181730.867499,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/stream.mpd

151.101.129.91

200 OK

5.8 kB

URL GET HTTP/3
quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/stream.mpd
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type
XML 1.0 document text\012- XML document, ASCII text
Size
5.8 kB (5840 bytes)
Hash
a2e1bdd055eefa8be669ca53373e21b2
70c66e404da92474093c810a11d8971d4c490e4a
66a4b9fa33bbb4b6230c2f3ef53861669d834d55250b2d4fdc35784d2c905391

HTTP Headers

GET /video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/stream.mpd HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 5840
x-guploader-uploadid: ADPycdtKPqxUbLNrOJcRwtYUqGDOma5zAS_bxCNu9YqITRNV0WQAtTvAITxPwVt8X-_gul1sTJWkyFFFuKqf1CXDHQrQL8nCAStk
cache-control: public, max-age=31104000
expires: Fri, 19 Apr 2024 10:21:35 GMT
last-modified: Wed, 16 Nov 2022 20:02:18 GMT
etag: "a2e1bdd055eefa8be669ca53373e21b2"
x-goog-generation: 1668628938675480
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5840
content-type: application/dash+xml
x-goog-hash: crc32c=8K3g0Q==, md5=ouG90FXu+ovmacpTNz4hsg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:10 GMT
age: 2763635
x-served-by: cache-iad-kiad7000046-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 32, 1
x-timer: S1685181730.033557,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.godaddy.com/

192.124.249.23

1.8 kB

URL
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
9abe899564c9c98f73c9a8558808b5a0
f5af5f3a18d8bf237625d1be8512ea87ccb08855
d138b06723ac3020dd77fa472a395b1cf3a42e9882f671dc295ad76ec916303d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 27 May 2023 10:02:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 26 May 2023 13:00:52 GMT
Expires: Sat, 27 May 2023 13:00:52 GMT
ETag: "f5af5f3a18d8bf237625d1be8512ea87ccb08855"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

77 B

URL POST HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bitmovin.com
FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C
ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
40f9443d5dc02e385b00b24c1f570269
c0e65fe8f73334d638173b9e33eff4f36d913104
ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 115
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: v1.55.1
date: Sat, 27 May 2023 10:02:09 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.23

1.8 kB

URL
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
9abe899564c9c98f73c9a8558808b5a0
f5af5f3a18d8bf237625d1be8512ea87ccb08855
d138b06723ac3020dd77fa472a395b1cf3a42e9882f671dc295ad76ec916303d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 27 May 2023 10:02:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 26 May 2023 13:00:52 GMT
Expires: Sat, 27 May 2023 13:00:52 GMT
ETag: "f5af5f3a18d8bf237625d1be8512ea87ccb08855"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/video/1280x720_h264_1123330/init.mp4

151.101.129.91

200 OK

671 B

URL GET HTTP/3
quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/video/1280x720_h264_1123330/init.mp4
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size
671 B (671 bytes)
Hash
21a163e62e7363e04a3acedcf61740c9
5fdd66a00e13531cd9d40d32bf8b08c3203766d4
5f69d9589c3d274ef73342bdc5747c9c970cf5c8c9adb54402a69e7fb303691b

HTTP Headers

GET /video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/video/1280x720_h264_1123330/init.mp4 HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 671
x-guploader-uploadid: ADPycdvnW18nzVsXltLSRsTLoyp3nwDYSKNqxIpkgOpe8m4X10SdEP70N55mp188Lokups1q4nn4ikgm6NFXgG6HWUUMSA
cache-control: public, max-age=31104000
expires: Thu, 18 Apr 2024 17:14:30 GMT
last-modified: Wed, 16 Nov 2022 19:47:17 GMT
etag: "21a163e62e7363e04a3acedcf61740c9"
x-goog-generation: 1668628037620089
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 671
content-type: video/mp4
x-goog-hash: crc32c=GZS9yQ==, md5=IaFj5i5zY+BKOs7c9hdAyQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:10 GMT
age: 2825259
x-served-by: cache-iad-kjyo7100034-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1422, 1
x-timer: S1685181730.179285,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/audio/h265_96000/init.mp4

151.101.129.91

200 OK

606 B

URL GET HTTP/3
quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/audio/h265_96000/init.mp4
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size
606 B (606 bytes)
Hash
af3d86596c83ba8ac236796a59f6d6dc
a17e6dffd76faeabda9178a12a5fbce89065131d
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

HTTP Headers

GET /video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/audio/h265_96000/init.mp4 HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 606
x-guploader-uploadid: ADPycdu0DsbVLEmicofzbNcXsaegJWe-K_PM40OAJKh-1gIqUHFsCYmqXoVX8A0SgJjY6ZUsawLquFDckx_nvSy5y2-LJA
cache-control: public, max-age=31104000
expires: Fri, 12 Apr 2024 22:18:36 GMT
last-modified: Wed, 16 Nov 2022 19:47:46 GMT
etag: "af3d86596c83ba8ac236796a59f6d6dc"
x-goog-generation: 1668628066524941
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 606
content-type: audio/mp4
x-goog-hash: crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:10 GMT
age: 3325414
x-served-by: cache-iad-kjyo7100131-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 3222, 1
x-timer: S1685181730.179521,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
5ff5f95cc950ae5a2d2680faa08badb9
a38e091d6ddbe630f776d6938fa94758807da77b
495b8a97b27ad8147ac7857228d27283566e672d973465559498d9fa157da74b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 27 May 2023 10:02:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 24 May 2023 12:06:32 GMT
Expires: Wed, 31 May 2023 12:06:31 GMT
Etag: "a38e091d6ddbe630f776d6938fa94758807da77b"
Cache-Control: max-age=352714,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cdd6bb5a80e1c0a-OSL

licensing.bitmovin.com/licensing

35.227.229.24

200 OK

165 B

URL POST HTTP/2
licensing.bitmovin.com/licensing
IP
35.227.229.24:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bitmovin.com
FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C
ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

HTTP Headers

POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 159
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Sat, 27 May 2023 10:02:10 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.vidalytics.com/awesome-log?cid=KwmJQD4K

107.178.211.97

200 OK

43 B

URL GET HTTP/2
stats.vidalytics.com/awesome-log?cid=KwmJQD4K
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint82:C0:5C:B9:F2:BC:C3:9C:97:69:3A:BD:C9:F1:EC:AC:B0:1D:CA:30
ValidityMon, 21 Nov 2022 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=KwmJQD4K HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "KwmJQD4K/9SgjWcRu6EXOwmqj"
date: Sat, 27 May 2023 10:02:10 GMT
x-envoy-upstream-service-time: 19
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/audio/h265_96000/s_0.m4s

151.101.129.91

200 OK

48 kB

URL GET HTTP/3
quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/audio/h265_96000/s_0.m4s
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type
data
Size
48 kB (47958 bytes)
Hash
49058f85e47b2734be35f37c5282771f
2c2a0d601ecf40b61b4f557fde9e52fe0d6e765d
9ef00c1b5383eec7cddc77319fb48f21b962ce609bab3eba7bacfc0636aba490

HTTP Headers

GET /video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/audio/h265_96000/s_0.m4s HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 47958
x-guploader-uploadid: ADPycdtMzWroVsFunLmRWbS4zw7eSWNYF758XlwsB1_boJumvIgJchdJ6BRm8OUcQxZ6BeJLRM9lFoWAU-qnB4bXcO_lbbHgAhAG
cache-control: public, max-age=31104000
expires: Fri, 26 Apr 2024 12:16:41 GMT
last-modified: Wed, 16 Nov 2022 19:47:46 GMT
etag: "49058f85e47b2734be35f37c5282771f"
x-goog-generation: 1668628066707233
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 47958
content-type: audio/mp4
x-goog-hash: crc32c=u3hvOg==, md5=SQWPheR7JzS+NfN8UoJ3Hw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:10 GMT
age: 2151928
x-served-by: cache-iad-kiad7000040-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1240, 1
x-timer: S1685181730.442257,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/video/1280x720_h264_1123330/s_0.m4s

151.101.129.91

200 OK

574 kB

URL GET HTTP/3
quick.vidalytics.com/video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/video/1280x720_h264_1123330/s_0.m4s
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type
data
Size
574 kB (574541 bytes)
Hash
a28052acb604771c0fad0ecf6ed744de
8736b418175833f299b011f7199f4b14afe80263
baaf6a69c88300239bc048be0facbce5ca183352e5cc817fe2d1b1f37d0174d5

HTTP Headers

GET /video/KwmJQD4K/FXohbocQ8Q9On9U4/79813/69569/fmp4/video/1280x720_h264_1123330/s_0.m4s HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 574541
x-guploader-uploadid: ADPycdvPxHK7baekd0plCE6sMFI-EV2I6gYQXOf61otv0SYIwFOe2oJDxYs2OS8CgaxWsc2V-_KlNY5FLxCgtaoKa2e2hw
cache-control: public, max-age=31104000
expires: Tue, 23 Apr 2024 10:05:59 GMT
last-modified: Wed, 16 Nov 2022 19:47:17 GMT
etag: "a28052acb604771c0fad0ecf6ed744de"
x-goog-generation: 1668628037807561
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 574541
content-type: video/mp4
x-goog-hash: crc32c=S01RIw==, md5=ooBSrLYEdxwPrQ7PbtdE3g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:10 GMT
age: 2418971
x-served-by: cache-iad-kjyo7100059-IAD, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 744, 1
x-timer: S1685181730.441645,VS0,VE3
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.godaddy.com/

192.124.249.22

1.8 kB

URL
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
9abe899564c9c98f73c9a8558808b5a0
f5af5f3a18d8bf237625d1be8512ea87ccb08855
d138b06723ac3020dd77fa472a395b1cf3a42e9882f671dc295ad76ec916303d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 27 May 2023 10:02:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 26 May 2023 13:00:52 GMT
Expires: Sat, 27 May 2023 13:00:52 GMT
ETag: "f5af5f3a18d8bf237625d1be8512ea87ccb08855"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint82:C0:5C:B9:F2:BC:C3:9C:97:69:3A:BD:C9:F1:EC:AC:B0:1D:CA:30
ValidityMon, 21 Nov 2022 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 749
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 27 May 2023 10:02:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint82:C0:5C:B9:F2:BC:C3:9C:97:69:3A:BD:C9:F1:EC:AC:B0:1D:CA:30
ValidityMon, 21 Nov 2022 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 278
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 27 May 2023 10:02:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint82:C0:5C:B9:F2:BC:C3:9C:97:69:3A:BD:C9:F1:EC:AC:B0:1D:CA:30
ValidityMon, 21 Nov 2022 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 846
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 27 May 2023 10:02:10 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint82:C0:5C:B9:F2:BC:C3:9C:97:69:3A:BD:C9:F1:EC:AC:B0:1D:CA:30
ValidityMon, 21 Nov 2022 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 186
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 27 May 2023 10:02:15 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint82:C0:5C:B9:F2:BC:C3:9C:97:69:3A:BD:C9:F1:EC:AC:B0:1D:CA:30
ValidityMon, 21 Nov 2022 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 186
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 27 May 2023 10:02:20 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

brazilianhardeningsecret.com/shared/js/ouibounce.min.js

207.246.84.63

200 OK

1.6 kB

URL GET HTTP/2
brazilianhardeningsecret.com/shared/js/ouibounce.min.js
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type
ASCII text, with very long lines (1678), with no line terminators
Size
1.6 kB (1624 bytes)
Hash
081f4b4c0e9b8a240860e8497c25d5b7
8cf36f5429712efa3497846c5f224e66a443b1ef
ff0920ff7b299a0b1f15bb20b25f475fe3f9bd2961b0457671b134aec3f67ff6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /shared/js/ouibounce.min.js HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Cookie: PHPSESSID=e53ekdn1gd4kurhavapmdqh6va; affid=2540; beenhere1=beenhere
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 15:19:17 GMT
vary: Accept-Encoding
etag: W/"6384d175-658"
expires: Mon, 26 Jun 2023 10:02:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

quick.vidalytics.com/embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/player-dash-mse.min.js?hash=swtcwuozi

151.101.129.91

200 OK

2.2 MB

URL GET HTTP/2
quick.vidalytics.com/embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/player-dash-mse.min.js?hash=swtcwuozi
IP
151.101.129.91:443
ASN
#54113 FASTLY

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
FingerprintD1:EB:08:76:3E:91:B8:A5:58:63:F5:C3:6D:91:00:40:27:B2:21:1E
ValidityWed, 30 Nov 2022 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT

File type

Size
2.2 MB (2247224 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embeds/KwmJQD4K/jLzzrJkaXCi70PPZ/player-dash-mse.min.js?hash=swtcwuozi HTTP/1.1
Host: quick.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazilianhardeningsecret.com
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ADPycdv1xvVIWT6wuvYFPFkb0Vp_FQ6Ce8wCis1tffqwjFjGFlysVzHUeIqS_7TZBJaeqfu5F9ff9_tX7Sox3CugtPz4ug
cache-control: public, max-age=300, s-maxage=2592000
expires: Sat, 24 Jun 2023 04:09:57 GMT
last-modified: Thu, 25 May 2023 04:09:50 GMT
etag: "edf2759eab6762abfceef91afecb4dc3"
x-goog-generation: 1684987790865145
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 617932
content-type: application/javascript; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=zlm8RA==, md5=7fJ1nqtnYqv87vka/stNww==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
server: UploadServer
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 27 May 2023 10:02:09 GMT
age: 193932
x-served-by: cache-iad-kiad7000141-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 114, 1
x-timer: S1685181729.300782,VS0,VE2
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length
x-cdn: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 617932
X-Firefox-Spdy: h2

go.maxweb.com/conversion/iframe/?a=7957&token=5ac445579bbd8c60a2c038cdf031b3f3

172.66.43.113

200 OK

0 B

URL GET HTTP/2
go.maxweb.com/conversion/iframe/?a=7957&token=5ac445579bbd8c60a2c038cdf031b3f3
IP
172.66.43.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintDA:A2:AA:BA:65:01:F9:CD:C6:16:E2:D9:F9:ED:AE:44:FD:E7:90:4C
ValidityFri, 03 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /conversion/iframe/?a=7957&token=5ac445579bbd8c60a2c038cdf031b3f3 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 May 2023 10:02:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sat, 27 May 2023 11:02:09 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7cdd6bae3b0bb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

brazilianhardeningsecret.com/v/css/app-modal.css?v=1.2

207.246.84.63

200 OK

1.8 kB

URL GET HTTP/2
brazilianhardeningsecret.com/v/css/app-modal.css?v=1.2
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type
ASCII text, with very long lines (1763), with no line terminators
Size
1.8 kB (1763 bytes)
Hash
287bd6907cd9b9a44cc77040d18ea94e
2741afcf816588ca6f7c56018b037a7d7e66685f
f54647ba47226cdf83e4faabf281140a18d3f143350eaf6bc4a7e8a82af39697

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/css/app-modal.css?v=1.2 HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Cookie: PHPSESSID=e53ekdn1gd4kurhavapmdqh6va; affid=2540; beenhere1=beenhere
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 15:19:17 GMT
vary: Accept-Encoding
etag: W/"6384d175-6e3"
expires: Mon, 26 Jun 2023 10:02:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700,700i|Ramaraja

142.250.74.106

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700,700i|Ramaraja
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text
Size
14 kB (14484 bytes)
Hash
d47e966e84f14a22064fb669f1e5a155
6b88710d44b7bd0276273a50e6efbeb1a12c4bbe
6705c66b98e9941b6722c92bd80e93d164681f7eab16409ecd315c600ce5bfc3

HTTP Headers

GET /css?family=Open+Sans:300,400,400i,700,700i|Ramaraja HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 10:02:08 GMT
date: Sat, 27 May 2023 10:02:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

brazilianhardeningsecret.com/v/css/ouibounce.min.css?v=1.2

207.246.84.63

200 OK

2.4 kB

URL GET HTTP/2
brazilianhardeningsecret.com/v/css/ouibounce.min.css?v=1.2
IP
207.246.84.63:443
ASN
#20473 AS-CHOOPA

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerLet's Encrypt
Subjectbrazilianhardeningsecret.com
FingerprintFF:1E:74:03:C2:4C:FB:86:68:1B:A2:F6:2F:46:8E:15:E3:AC:76:D0
ValiditySat, 25 Mar 2023 14:57:11 GMT - Fri, 23 Jun 2023 14:57:10 GMT

File type
ASCII text, with very long lines (2444), with no line terminators
Size
2.4 kB (2444 bytes)
Hash
4ff65bcada44dcefb723a50ed80f9b30
312f0dcf8ce7e01ab7eef5cf4bd8cc3b269d338e
16356413bcc5c5d4366a5b4f690fe0182fa7a242cb1cf7496e042b28d428c662

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /v/css/ouibounce.min.css?v=1.2 HTTP/1.1
Host: brazilianhardeningsecret.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Cookie: PHPSESSID=e53ekdn1gd4kurhavapmdqh6va; affid=2540; beenhere1=beenhere
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx-rc
date: Sat, 27 May 2023 10:02:08 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 15:19:17 GMT
vary: Accept-Encoding
etag: W/"6384d175-98c"
expires: Mon, 26 Jun 2023 10:02:08 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i

142.250.74.106

200 OK

21 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://brazilianhardeningsecret.com/v/dlandvsl.php?a=2540&s1=pp71&s2=102003157b16a3660df08a7584c43e&s3=1936&s4=1594&s5=&o=134&r=e2e02c571a754df087c5e78664a7191c
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text
Size
21 kB (21349 bytes)
Hash
85f85710ccf8d9f645ce5e3f2691e35e
4777b4ba7dd9ada906b0e5a2225479dab9db0cf4
50c00f4243cdd92bf848b4eaf2efaadb69bf3fa93edb2c3f881708906d6366f3

HTTP Headers

GET /css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://brazilianhardeningsecret.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 10:02:08 GMT
date: Sat, 27 May 2023 10:02:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash