r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12043
Expires: Wed, 08 Feb 2023 06:56:14 GMT
Date: Wed, 08 Feb 2023 03:35:31 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15250
Expires: Wed, 08 Feb 2023 07:49:41 GMT
Date: Wed, 08 Feb 2023 03:35:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 02:36:33 GMT
content-type: application/json
age: 3538
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3411
Expires: Wed, 08 Feb 2023 04:32:22 GMT
Date: Wed, 08 Feb 2023 03:35:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9AxGVvTiRZgQtT88PqPOBcxDT8UYbdiRWmVpRx5sdz977lwex0BHQ1tMs+jJXwbnt/vMRd3ghGQ=
x-amz-request-id: KKSZYC82EJMYEC3Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 02:45:48 GMT
age: 2983
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 03:35:31 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
20.94.62.51/ruxitagentjs_ICA2Vfghjqru_10235220309135426.js
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/ruxitagentjs_ICA2Vfghjqru_10235220309135426.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text, exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /ruxitagentjs_ICA2Vfghjqru_10235220309135426.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:31 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text, exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:31 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/js/3.bundle-d6a6baaa0dc3faae26db.js
20.94.62.51 200 OK 38 kB URL HTTP/1.1 20.94.62.51/js/3.bundle-d6a6baaa0dc3faae26db.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (37515), with no line terminators
Hash 39e850b2f21e44f7c83c5bfbf71a1a23
3610d538fb093eec2940764418eff51e72fe8f8f
4ab4958c63bd706e031161717896c8fbe22f133a4c9ff285cc053e75ceb13d06
Analyzer Verdict Alert quad9 Sinkholed
GET /js/3.bundle-d6a6baaa0dc3faae26db.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:31 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:09:38 GMT
ETag: "93a0-5dae925b10137"
Accept-Ranges: bytes
Content-Length: 37792
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
142.250.74.168 200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (3707)
Hash 092fe2f30cffd7b15bea36ec664af208
1dde095b2ce22fce3e1692319ab9ff8d3dd26667
cf9e34a35b17b2e2746388a6e78c856ca2e7033878b00593a1a3361aa0912932
GET /gtm.js?id=GTM-N2FTFQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 03:35:31 GMT
expires: Wed, 08 Feb 2023 03:35:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50493
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text, exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:31 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 02:51:20 GMT
age: 2652
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
20.94.62.51/login/index.php
20.94.62.51 200 OK 735 kB URL HTTP/1.1 20.94.62.51/login/index.php
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (1242)
Size 735 kB (735003 bytes)
Hash 3d2997ee91abb3e7c9bd9b6eb077c1fe
b0e71c2814829f379baa882f37a0a948a0bb6fed
f16319e9e4b850f91c219968f9b0efc913c31789ce6f34cbb811a4f622696e71
Analyzer Verdict Alert quad9 Sinkholed
GET /login/index.php HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:31 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/vectors/google-play-badge-reverse.svg
20.94.62.51 200 OK 11 kB URL HTTP/1.1 20.94.62.51/vectors/google-play-badge-reverse.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (10788)
Hash dd500e2468aecaccb46e64859f38ed87
6922b1027cf980cf19ed84c94732c3b704798cc8
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
Analyzer Verdict Alert quad9 Sinkholed
GET /vectors/google-play-badge-reverse.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:31 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:19:26 GMT
ETag: "2a25-5dae948c4dbd2"
Accept-Ranges: bytes
Content-Length: 10789
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.106 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 19:19:40 GMT
expires: Wed, 07 Feb 2024 19:19:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 29752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
216.58.207.228 200 OK 580 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
IP 216.58.207.228:0
File type ASCII text, with very long lines (913), with no line terminators
Hash e7c42946ef30a7489021af58a379f113
5200e9c9704d76f7b2cca6e550bee72f2cf686f5
4ecdfaac477e201b34fc1a6bab234ae7332dd52dbf66c7aee7dd48e613840ae8
GET /recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 08 Feb 2023 03:35:32 GMT
date: Wed, 08 Feb 2023 03:35:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/vectors/app-store-badge.svg
20.94.62.51 200 OK 14 kB URL HTTP/1.1 20.94.62.51/vectors/app-store-badge.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (14261)
Hash 34683b771a7e7e258b2aaa2e1d7b37f1
cbd7c1053fe89019d386d1676ffa086ddbf0a8b5
3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109
Analyzer Verdict Alert quad9 Sinkholed
GET /vectors/app-store-badge.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:21:50 GMT
ETag: "37b6-5dae951579e0e"
Accept-Ranges: bytes
Content-Length: 14262
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
20.94.62.51/vectors/google-play-badge.svg
20.94.62.51 200 OK 11 kB URL HTTP/1.1 20.94.62.51/vectors/google-play-badge.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (10785)
Hash f1a5450f21493625afbc619436ad14e0
e641815fd9bd38b5827c9e65821ed5a8fa05b0fb
8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff
Analyzer Verdict Alert quad9 Sinkholed
GET /vectors/google-play-badge.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:21:29 GMT
ETag: "2a22-5dae9501c4b83"
Accept-Ranges: bytes
Content-Length: 10786
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5932
Expires: Wed, 08 Feb 2023 05:14:24 GMT
Date: Wed, 08 Feb 2023 03:35:32 GMT
Connection: keep-alive
20.94.62.51/fonts/Roboto-Bold.woff2
20.94.62.51 200 OK 15 kB URL HTTP/1.1 20.94.62.51/fonts/Roboto-Bold.woff2
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14680, version 1.0, data
Hash aa3e87117db2b3c27801cbb8dfe40c6c
a1118c5362e2dd34ac5cf34e135042c3ad827b58
36eea693231e39de5efd21718fea8fc98005b580b264522ffbef360939b8d75c
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/Roboto-Bold.woff2 HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:17:00 GMT
ETag: "3958-5dae9400a908c"
Accept-Ranges: bytes
Content-Length: 14680
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
20.94.62.51/fonts/Roboto-Regular.woff2
20.94.62.51 200 OK 15 kB URL HTTP/1.1 20.94.62.51/fonts/Roboto-Regular.woff2
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14600, version 1.0, data
Hash a2647ffe169bbbd94a3238020354c732
0a59a3b17c93c1093c2514b3a9d51c91395aabd0
db44c6b7985f942465865cfe688770803ab464ec35fb9aefaeccc052e9b74b2a
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/Roboto-Regular.woff2 HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:15:40 GMT
ETag: "3908-5dae93b4b0a6e"
Accept-Ranges: bytes
Content-Length: 14600
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/cartoes-renner/vectors/whatsapp.svg
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/vectors/whatsapp.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/vectors/whatsapp.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/vectors/bg-login.svg
20.94.62.51 200 OK 664 B URL HTTP/1.1 20.94.62.51/vectors/bg-login.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (663)
Hash bbba81daa6feeed173485552f13c0f2a
aa3778c907487f06760a88ed95fa98522512f292
3bb71cec41dd0b3c5782f72d32b1b028fdc9558f0acace778d1a2c312d50f382
Analyzer Verdict Alert quad9 Sinkholed
GET /vectors/bg-login.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:25:11 GMT
ETag: "298-5dae95d56eb6a"
Accept-Ranges: bytes
Content-Length: 664
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js
142.250.74.35 404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js
IP 142.250.74.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 3ab3a3944f881ad31c89d08f5e8bb435
3dffffd915706b6f3a4be103ef99b293fd89d2dc
a2b4316623904892860acbdf726e13f1b33e07244baaae92fb9bb0c01e70d69c
GET /recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 03:35:32 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20.94.62.51/fonts/Roboto-Black.woff2
20.94.62.51 200 OK 15 kB URL HTTP/1.1 20.94.62.51/fonts/Roboto-Black.woff2
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14592, version 1.0\012- data
Hash fa058128ab6fcaa61257208d085b4d57
71c4e4b88c8049ef87ab6ede1ed4c9934eff778e
6e85391e451421ec1d47481273c0b97555ee880504b0fe96c5cec1edd4b0c57f
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/Roboto-Black.woff2 HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:17:20 GMT
ETag: "3900-5dae9413d4259"
Accept-Ranges: bytes
Content-Length: 14592
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
20.94.62.51/cartoes-renner/fonts/Roboto-Regular.woff
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Regular.woff
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Regular.woff HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 03:35:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/images/celular-login.png
20.94.62.51 200 OK 155 kB URL HTTP/1.1 20.94.62.51/images/celular-login.png
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 379 x 485, 8-bit/color RGBA, non-interlaced\012- data
Size 155 kB (155176 bytes)
Hash e624d089f9b2fff768b6b592285a4f12
bef94cbbf3c93e3cc8cc45975065216efc046336
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
Analyzer Verdict Alert quad9 Sinkholed
GET /images/celular-login.png HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:31 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:20:16 GMT
ETag: "25e28-5dae94bbad437"
Accept-Ranges: bytes
Content-Length: 155176
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
20.94.62.51/cartoes-renner/fonts/Roboto-Bold.woff
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Bold.woff
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Bold.woff HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/fonts/Roboto-Black.woff
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Black.woff
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Black.woff HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
142.250.74.35 404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
IP 142.250.74.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 617f87016391056cbfa3087f986bd536
57c63621d5e3657f9add4229143eb54909902bd0
a38edb7c355cb03d028c7aebd49d71de4b673368cbf77dec0c95088930a90c73
GET /recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 03:35:32 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20.94.62.51/cartoes-renner/fonts/Roboto-Regular.ttf
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Regular.ttf
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Regular.ttf HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash cf4010d2621299f54ad848758ff5dc4d
58dbaf083e51a32921a78753faff7a9c19daaa48
288d3efcd8e21350ac88ecec9f8741802fbb13db77117968a2077820d399f8f9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112599
Date: Wed, 08 Feb 2023 03:35:32 GMT
Etag: "63e21623-1d7"
Expires: Thu, 09 Feb 2023 10:52:11 GMT
Last-Modified: Tue, 07 Feb 2023 09:13:07 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZcgDYtx-t1FDlB8HygS38ynwKh7rz7A4o1p0H8KjGpMcrMvfw22D9Q==
Age: 5944
20.94.62.51/cartoes-renner/fonts/Roboto-Bold.ttf
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Bold.ttf
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Bold.ttf HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/fonts/Roboto-Black.ttf
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Black.ttf
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Black.ttf HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
push.services.mozilla.com/
35.83.200.106 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.200.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cPVlaXUAGUfULdaIxtXyuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pTbm11KMbp1NH2mevftEYSy3Ov0=
20.94.62.51/js/vendors.bundle-859d26788acf215a201a.js
20.94.62.51 200 OK 686 kB URL HTTP/1.1 20.94.62.51/js/vendors.bundle-859d26788acf215a201a.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Size 686 kB (686470 bytes)
Hash ba8db3e4745ef4402e6c1011c9227191
e155466c79dd3823ff0ce99802093d80e40ebd1f
40d596025119e99448ba247d9ad58248525a484a971dabdd366e0724453e3e36
Analyzer Verdict Alert quad9 Sinkholed
GET /js/vendors.bundle-859d26788acf215a201a.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:22:58 GMT
ETag: "a7986-5dae955635fe5"
Accept-Ranges: bytes
Content-Length: 686470
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash cf4010d2621299f54ad848758ff5dc4d
58dbaf083e51a32921a78753faff7a9c19daaa48
288d3efcd8e21350ac88ecec9f8741802fbb13db77117968a2077820d399f8f9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 03:35:32 GMT
Last-Modified: Wed, 08 Feb 2023 01:56:47 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MTWDw6QPURBMRI5ZsBwe0a79dqDJw3CvwP6t4bL3mVlbzocGz1BCxA==
Age: 5925
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2c9111264079d518d1b50e15e40dd307
6e1374be3ccc15ef054ae6033c944b25b48aabeb
8bcb6e31e71db94b6a9581856ae5a25e67589887dc4d57a0ec33488f671231eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 03:35:32 GMT
Last-Modified: Wed, 08 Feb 2023 02:34:03 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gS8TGcJYtkDrw1GepoDd3WNIv71gCBvILa06oz1VIZdcBswKEtpxAg==
Age: 3689
cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
18.228.159.199 200 OK 9.2 kB URL HTTP/1.1 cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
IP 18.228.159.199:0
File type ASCII text, with very long lines (22651), with no line terminators
Hash bb462b00b14c20c1058237a188f4033b
6cb3f0724e5b750d6d1ae92518a9126314368e7b
ff1a4463eadc1c7e0bce4edd7635a026f7106130efd1c27bd4bb8af6104edf08
GET /df/tag.js?id=PM-N2FTFQ HTTP/1.1
Host: cdn.pmweb.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=300
Content-Encoding: gzip
Content-Type: application/javascript
Date: Wed, 08 Feb 2023 03:35:32 GMT
ETag: W/"63da9361-587b"
Expires: Wed, 08 Feb 2023 03:40:32 GMT
Last-Modified: Wed, 01 Feb 2023 16:29:21 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
Content-Length: 9197
Connection: keep-alive
www.google-analytics.com/analytics.js
216.239.32.178 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 01:44:06 GMT
expires: Wed, 08 Feb 2023 03:44:06 GMT
cache-control: public, max-age=7200
age: 6687
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20.94.62.51/cartoes-renner/images/lojas-renner.png
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/images/lojas-renner.png
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/images/lojas-renner.png HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-; _pm_id=636701675827385439; _pm_sid=910201675827385439
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/images/favicon.ico
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/images/favicon.ico
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert quad9 Sinkholed
GET /cartoes-renner/images/favicon.ico HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4; rxVisitor=16758273843701A9PBNMDPTTNL0G1EUGQBDT4357CRKBI; dtPC=-23$27384364_271h1vCIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0e0; rxvt=1675829184381|1675827384372; dtLatC=48; dtSa=-; _pm_id=636701675827385439; _pm_sid=910201675827385439
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 03:35:32 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
52.95.165.120 200 OK 0 B URL HTTP/1.1 s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
IP 52.95.165.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frame-image-br/bg.png?x-id=real&x-r= HTTP/1.1
Host: s3-sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: T27SOrZojnykuXkK6z0ZnZLNUQxd9FpVe7On1GwKk64FVYungJL5C62lA3NUz/8A8WWe+EbYtpE=
x-amz-request-id: HNWKMJX1E3PQ0CY3
Date: Wed, 08 Feb 2023 03:35:34 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 0
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Wed, 08 Feb 2023 05:14:08 GMT
Date: Wed, 08 Feb 2023 03:35:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qYXu_I4vL00EOopA1nQcxCTMKf4nObKFk9XQozhw6FezKsfTDem3Mw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:35 GMT
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
age: 19738
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i1abBvjQY4dXbxTHyy0Wxxn9PCvTO0YkAO8PS8kKA9Zl5TeiUEtErw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:49:59 GMT
age: 20734
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 71406
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0sEMzqETD-gbgXOXb_CJmLjYQmNGMN4-_ggiB7ifbifltHJYsTRRsQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:22 GMT
age: 20591
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f175de8eebe398f5de2829cd551b3f04
e6da63e9b03289bfded190d999a20da78232437c
b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10202
x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PEYFZOoAMFzEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:22 GMT
etag: "e6da63e9b03289bfded190d999a20da78232437c"
content-type: image/jpeg
age: 20411
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 845e4e4051f1162b20d3df5f208e8d3e
076462f67531c60b31ec768a275c96317292306d
40996d8929ab92f342328fc018518d6131c6222b0ec23051775eda276a602026
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4168
x-amzn-requestid: 24814225-0063-49fb-86ff-e78869538b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjQFS_IAMFtLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-67307c42182089b3096e98b5;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qLuHdYthPTS7qoVjS783M1Q-RtOluQpKozCi-zABez133FyvgBsBog==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:43:37 GMT
age: 21116
etag: "076462f67531c60b31ec768a275c96317292306d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=636701675827385439&sid=910201675827385439&pvw=2f18945f-5017-4580-a0ca-1af9a09a8148&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php
54.232.59.86 200 OK 2 B URL HTTP/1.1 df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=636701675827385439&sid=910201675827385439&pvw=2f18945f-5017-4580-a0ca-1af9a09a8148&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php
IP 54.232.59.86:0
File type ASCII text, with no line terminators
Hash 50585be4e3159a71c874c590d2ba12ec
fb17882585bbfe9c55733a6e46a265ddaea6957a
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
GET /push/?aid=PM-N2FTFQ&cid=636701675827385439&sid=910201675827385439&pvw=2f18945f-5017-4580-a0ca-1af9a09a8148&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php HTTP/1.1
Host: df.pmweb.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://20.94.62.51
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/plain
Date: Wed, 08 Feb 2023 03:35:33 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Set-Cookie: _pm_uid=636701675827385439; path=/; domain=pmweb.com.br; secure; Expires=Fri, 07-Feb-2025 03:35:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Length: 2
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1a24dde1aee3cd43a6b846cd212b0777
433d0afc1c06e47cd75350746f1aa73e3076a098
e1955f9051d9175bdda73af2360d8e82221050eb632d8488b164aa364eb413ae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 03:35:35 GMT
Last-Modified: Wed, 08 Feb 2023 01:51:38 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Xa7t2bd4EKAKaZptYoNh27RRvlVquS0ub3R_YZp2KQzHroLgBlpJUg==
Age: 6237
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4&svrid=-23&flavor=cors&vi=CIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0&modifiedSince=1647975459642&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=1050589041&en=ovxxhecl&end=1
3.228.88.68 200 OK 703 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4&svrid=-23&flavor=cors&vi=CIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0&modifiedSince=1647975459642&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=1050589041&en=ovxxhecl&end=1
IP 3.228.88.68:0
File type ASCII text, with very long lines (703), with no line terminators
Hash 4b3b5e5ce962f1ab1394db3677f315ee
119c08e7a6d73a0afdae8c45bc6f0f9c063beefb
608c27b247d42a33e6e4c347986bbc084008e44f979fc061146937816ce77005
POST /bf?type=js3&sn=v_4_srv_-2D23_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4&svrid=-23&flavor=cors&vi=CIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0&modifiedSince=1647975459642&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=1050589041&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1209
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 03:35:35 GMT
content-type: text/plain;charset=utf-8
content-length: 703
set-cookie: dtCookie=v_4_srv_13_sn_EFC3374DAF5B1A643E297D4378615067_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: http://20.94.62.51
cache-control: no-cache
X-Firefox-Spdy: h2
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_11_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=11&flavor=cors&vi=CIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0&modifiedSince=1675798140308&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=397643556&en=ovxxhecl&end=1
3.228.88.68 200 OK 211 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_11_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=11&flavor=cors&vi=CIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0&modifiedSince=1675798140308&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=397643556&en=ovxxhecl&end=1
IP 3.228.88.68:0
File type ASCII text, with no line terminators
Hash d186f11a383383bb4bdbf242d35fe757
e4449e10114a1503b6dccaa266e34d1dd2a15af3
9249043bc229f859ba6f5e1b21b4338127dc184591f67fb9e55b6dc888fe62e2
POST /bf?type=js3&sn=v_4_srv_11_sn_5EIO8I63ITG4M7VOK7BE65D5NRRQDUD4_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=11&flavor=cors&vi=CIEKDFRDAACPMFWALUCKWEGRHHUOJJFC-0&modifiedSince=1675798140308&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=397643556&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4777
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 03:35:36 GMT
content-type: text/plain;charset=utf-8
content-length: 211
set-cookie: dtCookie=v_4_srv_11_sn_FF6D5C150522EF9B341866CD7F309523_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: http://20.94.62.51
cache-control: no-cache
X-Firefox-Spdy: h2
js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
54.230.111.72 200 OK 0 B URL HTTP/2 js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
IP 54.230.111.72:0
GET /jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js HTTP/1.1
Host: js-cdn.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
date: Wed, 08 Feb 2023 02:35:59 GMT
timing-allow-origin: *
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-source: Cluster
dynatrace-response-id: 34PSAG85F25K
expires: Wed, 08 Feb 2023 03:35:59 GMT
cache-control: public, max-age=3600
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qbQu1M3qYs3ujcoTXBl-hP3vkiUKIVsLgoyRRqK_PdPJ3rlwF5gqug==
age: 3572
X-Firefox-Spdy: h2