Report - auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=

Report Overview

Submitted URL
auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
IP
162.214.163.83
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-02-08 07:24:27
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
tagmanager.alright.network	172257	2019-05-05T10:27:07Z	2023-03-12T23:03:11Z	1.8 kB	29 kB	54.230.111.60
warp.media.net	2278	2021-07-02T11:19:15Z	2023-03-13T09:02:33Z	377 B	334 B	23.38.200.22
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	1.7 kB	4.4 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
auonline.com.br	unknown	2014-07-01T11:24:43Z	2023-03-10T05:36:56Z	5.8 kB	186 kB	162.214.163.83
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	66 kB	34.120.237.76
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	423 B	1.6 kB	151.101.65.229
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.9 kB	93.184.220.29
www.googletagservices.com	169	2021-02-14T04:54:38Z	2023-03-13T08:45:50Z	339 B	28 kB	142.250.74.162
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	887 B	54.230.245.100
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.131
securepubads.g.doubleclick.net	190	2013-05-31T06:19:39Z	2023-03-13T05:09:45Z	344 B	28 kB	142.250.74.130
imasdk.googleapis.com	11661	2014-10-30T18:42:18Z	2023-03-13T06:05:04Z	342 B	127 kB	142.250.74.74
hbx.media.net	1422	2018-08-24T21:04:09Z	2023-03-13T09:04:04Z	558 B	8.4 kB	23.38.200.22
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.214.84.191
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.20.226
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-13T07:21:44Z	486 B	900 B	178.250.0.157

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-08 07:25:10	high	Client IP	162.214.163.83	ETPRO PHISHING Antibomber Phish Kit

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031	26 B	2023-03-13	2023-03-13
Pretty URL auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031 IP 162.214.163.83 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:18:12 Last Seen2023-03-13 19:35:40 Times Seen1 Hash 7f07c149be710c1ab04081763fd799f5 55695891943892a02f268a38c0f955b02f8da9fc 34fb626c01fa0e903f07e61d2f0d0481f2509a0c413e145ece6a22a759e2f904 Loading...

	tagmanager.alright.network/manager/js/container_KETFTGOj.js	88 kB	2023-03-13	2023-03-13
Pretty URL tagmanager.alright.network/manager/js/container_KETFTGOj.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:09:08 Last Seen2023-03-13 19:35:40 Times Seen1 Hash 59a13bd579d224d01d7b111c6eea6bef a693f61bf51aed71bb4d117cffdad193416c24c1 984fc683288f4c4d0229b74ed114cf23284e3ebce450b1cbf72f85dbb74e151e Loading...

	auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031	916 B	2023-03-07	2023-03-14
Pretty URL auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031 IP 162.214.163.83 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:53:42 Last Seen2023-03-14 06:00:31 Times Seen1 Hash 4eae03b87bcfef221540cac18d110add 4bdf4541c8bf39d23c6512d3265bd2e43e9738da 7862bb8d1b03b5b94bf6928a115605e773e7cf6bc5158f265712434b7eb90b4e Loading...

	tagmanager.alright.network/lodash.min.js	73 kB	2023-03-07	2024-04-26
Pretty URL tagmanager.alright.network/lodash.min.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 23:14:21 Times Seen15658 Hash 9becc40fb1d85d21d0ca38e2f7069511 ae854b04025db8b7f48fdd6dedf41e77eae44394 a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9 Loading...

	tagmanager.alright.network/cld-video-player.min.js	1.7 MB	2023-03-07	2023-11-20
Pretty URL tagmanager.alright.network/cld-video-player.min.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:53:42 Last Seen2023-11-20 15:30:57 Times Seen13 Hash f424c0548bcfc13402d775a5f3c7e056 77ea61739ab986c135b4699ac15e9d1067107fef b1e61d7061d6f054ace39c480436a348ab293b49a37e272a4c8cf8583c78ab3b Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	81 kB	2023-03-13	2023-03-13
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:19:01 Last Seen2023-03-13 19:38:45 Times Seen1 Hash c72335a8b776913b35f89a2bb2269148 18982b277885a27ac9f723d08be1efe76639f5e3 e59f783b01c96fdf08f304200d80378b3af8f20b5543305505b2c3155bf9baf6 Loading...

	warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=auonline.com.br&version=1	542 kB	2023-03-13	2023-03-13
Pretty URL warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=auonline.com.br&version=1 IP 23.38.200.22 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:22 Last Seen2023-03-13 19:33:22 Times Seen1 Hash 9d0a56871069d1a76da2e3be13f5f480 3b89b904ae889845195656fe5855b3425f151561 34a8b4513a0ca01972aefab8676f50666cd946369003affb3f7525421c0385ec Loading...

	tagmanager.alright.network/cloudinary-core.min.js	98 kB	2023-03-07	2023-11-20
Pretty URL tagmanager.alright.network/cloudinary-core.min.js IP 54.230.111.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:53:42 Last Seen2023-11-20 15:30:58 Times Seen16 Hash a1be2e94d994f87394275c7c24229e51 6aa4c7f3829658ad6c54589a91fe651345c720cf 2a9c8c1325096f3efd38f7e471f4f85fd0c212fa91ceb9591b037bc959dbcd54 Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js	392 kB	2023-03-13	2023-03-13
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:29:31 Last Seen2023-03-13 20:05:00 Times Seen1 Hash 0cecdf0083598cec69a249e344294bc7 0eaf4add72555bc9e12021869cfb43021bf6c6f9 d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	376 kB	2023-03-13	2023-03-13
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:57:14 Last Seen2023-03-13 19:57:41 Times Seen1 Hash 2d7592d030aac3bee869d509ce52c68f f5dfe8f9eddfa5682ad3b1a71264637719c9b845 96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485 Loading...

	hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1	23 kB	2023-03-13	2023-03-13
Pretty URL hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1 IP 23.38.200.22 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:33:22 Last Seen2023-03-13 19:35:40 Times Seen1 Hash ad8806087b2252b62bdeb739423cff69 cc67c5a77a575881d3e21eed1ee9c6f535db7bc5 1c9d7b17d3457d5338a8b8919a8d65cbc642a843a8e90d6cb29bcf4dbaf326b0 Loading...

	www.googletagservices.com/tag/js/gpt.js	81 kB	2023-03-13	2023-03-13
Pretty URL www.googletagservices.com/tag/js/gpt.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:28:32 Last Seen2023-03-13 19:38:28 Times Seen1 Hash d5d15b8907d29777800ded5e47320fb5 7f75d9446ce3dc158f78ccd54a21f98775772942 e9e0f90da0b4c9c35e2e9464b92901416967dae5a323179e8bfd5632e3c12c2d Loading...

HTTP Transactions (48)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17614
Expires: Wed, 08 Feb 2023 12:17:50 GMT
Date: Wed, 08 Feb 2023 07:24:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8357
Expires: Wed, 08 Feb 2023 09:43:33 GMT
Date: Wed, 08 Feb 2023 07:24:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9104
Expires: Wed, 08 Feb 2023 09:56:00 GMT
Date: Wed, 08 Feb 2023 07:24:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 06:34:12 GMT
content-type: application/json
age: 3004
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Cf2S/D0wCQV4uf2K7a7Cmi86t0g4FIQLojZCpdip3QowSNvp7ToOc6kwpqr5nIexT4UdUYIqNi0=
x-amz-request-id: 3EHZ7R7XGQX0RMKW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 06:45:52 GMT
age: 2304
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:24:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031

162.214.163.83

301 Moved Permanently

378 B

URL HTTP/1.1
auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
378 B (378 bytes)
Hash
5cc8abfcb426bf28213ea468df8cf9e9
80118d8e8e3d71aa9aaf6fb73997930d8fd41171
4d0f486b7b1cfd030c00b78ba20043042abab0be1b7c9aeedcf35b76f86c8a4a

Detections

NIDS	Severity	Alert
suricata	high	ETPRO PHISHING Antibomber Phish Kit

HTTP Headers

GET /view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 07:24:14 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Referrer-Policy: same-origin
X-Frame-Options: sameorigin
Location: https://auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
Cache-Control: max-age=1
Expires: Wed, 08 Feb 2023 07:24:15 GMT
Content-Length: 378
Keep-Alive: timeout=5, max=1150
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 06:51:20 GMT
age: 1976
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17913
Expires: Wed, 08 Feb 2023 12:22:50 GMT
Date: Wed, 08 Feb 2023 07:24:17 GMT
Connection: keep-alive

push.services.mozilla.com/

34.214.84.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.84.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4tWxllXZlc6I1DDIxTWTdw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9TSWWZkXg4KQckOSjO1jCfTqi4w=

auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031

162.214.163.83

404 Not Found

1.6 kB

URL HTTP/2
auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.6 kB (1581 bytes)
Hash
f33a32cd2fa7cc9b0cea4790482fdf45
d1d7e29f0ee0c9dcf090bc35a545ee81d5e9f9cd
0dfb6a51a35677482f93277ccf6f83b23b0e9e6098d400a9ae26d557a281bc84

Detections

NIDS	Severity	Alert
suricata	high	ETPRO PHISHING Antibomber Phish Kit

HTTP Headers

GET /view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
set-cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4; path=/
PHPSESSID=287513d5741e26ede8d6be91a3b4aca4; path=/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031; domain=auonline.com.br; secure; HttpOnly
access-control-max-age: 1000
referrer-policy: same-origin
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cache-control: public, max-age=86400, max-age=1, private, must-revalidate
content-length: 1581
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 07:24:15 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/css/dist-application.min.css?v=1.14

162.214.163.83

200 OK

43 kB

URL HTTP/2
auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (43048 bytes)
Hash
00924df8f6e3ebb887887b437a164a45
ca14a59947b8520b333b5aa7dd4e65d153e4e79f
ec2dad46a28aeb0c619a92a90c515ad1af9004b1158001b8a05e42dfe803cf6f

HTTP Headers

GET /view/dist/css/dist-application.min.css?v=1.14 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:18:32 GMT
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Fri, 10 Mar 2023 07:24:15 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 43048
content-type: text/css
date: Wed, 08 Feb 2023 07:24:15 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/css/dist-utilities.min.css?v=1.14

162.214.163.83

200 OK

51 kB

URL HTTP/2
auonline.com.br/view/dist/css/dist-utilities.min.css?v=1.14
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (50838 bytes)
Hash
2a3746097660f3201f5ee4cadb427697
ef5b5d2e42dbf1ba10732d9c099792e67875813b
18b64606d494dd5adb01e5157bd77073419459adabfe5b0c95a2ff6ce47e0206

HTTP Headers

GET /view/dist/css/dist-utilities.min.css?v=1.14 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:18:34 GMT
accept-ranges: bytes
cache-control: max-age=604800, public
expires: Fri, 10 Mar 2023 07:24:15 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 50838
content-type: text/css
date: Wed, 08 Feb 2023 07:24:15 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
be0991a2d9125e66cecc298054ea11a2
9fbf67bff3422916a63088dc27ec6a69e1482958
d695c9a5c3250a2897f4d6f39a55361fd525b35ab278ba0ce1e11aba83b3e8ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 07:24:18 GMT
Etag: "63e14321-1d7"
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lyMdK-a6pz7Lua38ZnhOjYB7HXdL7upuTFqrbgOsQI1XKflaK7sM_Q==

auonline.com.br/view/dist/fonts/actu/actu-regular.woff2

162.214.163.83

200 OK

23 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/actu/actu-regular.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 23108, version 1.0\012- data
Size
23 kB (23108 bytes)
Hash
9f9e011393ea7918ebb064c62b4f0615
cc08fd3508f54086a01620b73b05d94fab9d3352
25cd74e6c8d129ffefbe874187419763c1545c2987042f476af00b78ee57393e

HTTP Headers

GET /view/dist/fonts/actu/actu-regular.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:19:06 GMT
accept-ranges: bytes
content-length: 23108
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 07:24:16 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 07:24:16 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/fonts/actu/actu-light.woff2

162.214.163.83

200 OK

21 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/actu/actu-light.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 20728, version 1.0\012- data
Size
21 kB (20728 bytes)
Hash
6329ca621ff5728228d0a503dddcbb7c
70f8d68c613f8e002de9aedb162358de223ea3cf
177bb0e2a991eb49d096e369d9545adae5631b013e469199496a747b8255f5d9

HTTP Headers

GET /view/dist/fonts/actu/actu-light.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:19:03 GMT
accept-ranges: bytes
content-length: 20728
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 07:24:16 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 07:24:16 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/fonts/fm-fill-low/fm-fill-low-regular.woff2

162.214.163.83

200 OK

11 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/fm-fill-low/fm-fill-low-regular.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 11220, version 1.0\012- data
Size
11 kB (11220 bytes)
Hash
18e1cb0ce61a82bd41ae91ba5d0d06d1
f4d9ef4b3f692104faef5ba4a4c740c875884a1b
9e6942def158e6f573565efacac4822e42753707e3bbd88b1965084908044e4a

HTTP Headers

GET /view/dist/fonts/fm-fill-low/fm-fill-low-regular.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:19:14 GMT
accept-ranges: bytes
content-length: 11220
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 07:24:16 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 07:24:16 GMT
server: Apache
X-Firefox-Spdy: h2

auonline.com.br/view/dist/fonts/actu/actu-bold.woff2

162.214.163.83

200 OK

21 kB

URL HTTP/2
auonline.com.br/view/dist/fonts/actu/actu-bold.woff2
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 21068, version 1.0\012- data
Size
21 kB (21068 bytes)
Hash
b19447c7ee6c8c77aac33b592898f703
5f40ed3415aa849f12ea8c80af58627af011439c
4faf40e97866d12fdd7c0a81c769e6cdd47065cf32f104f18b2a24efb5436ab5

HTTP Headers

GET /view/dist/fonts/actu/actu-bold.woff2 HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://auonline.com.br/view/dist/css/dist-application.min.css?v=1.14
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:18:54 GMT
accept-ranges: bytes
content-length: 21068
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 07:24:16 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: font/woff2
date: Wed, 08 Feb 2023 07:24:16 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:24:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

securepubads.g.doubleclick.net/tag/js/gpt.js

142.250.74.130

200 OK

27 kB

URL HTTP/2
securepubads.g.doubleclick.net/tag/js/gpt.js
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (39302)
Size
27 kB (27237 bytes)
Hash
c6025394c17a8a92c820923d3c4f7ace
786d7a889a993e5d4ed6507b257c43b43a3ad297
cdd6b907b60055c5f80aa1ba65e0d8d531efb02801d725452408e6b42c9cde1d

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27237
date: Wed, 08 Feb 2023 07:24:18 GMT
expires: Wed, 08 Feb 2023 07:24:18 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1476 / 617 of 1000 / last-modified: 1675811217"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tagmanager.alright.network/lodash.min.js

54.230.111.60

200 OK

26 kB

URL HTTP/2
tagmanager.alright.network/lodash.min.js
IP
54.230.111.60:0
ASN
#16509 AMAZON-02

File type
data
Size
26 kB (26320 bytes)
Hash
adeeb14a1d794f5c825b089a0cb4a4c4
057b69cc974dd1f7f4d05a09a9c39b6704329984
a8078e0204250df9c800479fef0924d8669092f837efb8fd5ca17a2213da1265

HTTP Headers

GET /lodash.min.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 26 Jan 2022 15:28:22 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 07:16:27 GMT
etag: W/"9becc40fb1d85d21d0ca38e2f7069511"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hp4z9RXFKCR8QQZIvr5_XWUQj4edOs6NqSZnK6BMGR1GIoBcaw_MpA==
age: 477
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19577
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:24:18 GMT
Connection: keep-alive

auonline.com.br/view/dist/imgs/favicon/apple-icon-180x180.png

162.214.163.83

200 OK

5.5 kB

URL HTTP/2
auonline.com.br/view/dist/imgs/favicon/apple-icon-180x180.png
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5537 bytes)
Hash
c57b042feb18bd6e944e5217ce1d1a49
1a7135429c5d866f5490fe211feedcd87a1f008d
689e6994dc0bba5911d6a1589e2d57e49eed180501ad62d91dfbe4092cb84a2a

HTTP Headers

GET /view/dist/imgs/favicon/apple-icon-180x180.png HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:21:07 GMT
accept-ranges: bytes
content-length: 5537
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 07:24:16 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: image/png
date: Wed, 08 Feb 2023 07:24:16 GMT
server: Apache
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6805 bytes)
Hash
c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 32701
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

auonline.com.br/view/dist/imgs/favicon/favicon-default.png

162.214.163.83

200 OK

554 B

URL HTTP/2
auonline.com.br/view/dist/imgs/favicon/favicon-default.png
IP
162.214.163.83:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
554 B (554 bytes)
Hash
01654ae11ca64ce3200e4b3b20432654
98a94db17db3ffbdebb088ef5ae357427c82b0a3
881f743917cfd03c3c2e98627f5a6164b71f349888ff0cd3078909bd7ce2d803

HTTP Headers

GET /view/dist/imgs/favicon/favicon-default.png HTTP/1.1
Host: auonline.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://auonline.com.br/view/pages/Aarne/Qj2GrZw8kWeM7/5.253.115.175/d7e6ed305a6d0c5a33d44a7fd17797ac/3nz0/F004f19441/00951124a.php?web=succes&local=_&id=61109031
Connection: keep-alive
Cookie: PHPSESSID=287513d5741e26ede8d6be91a3b4aca4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
referrer-policy: same-origin
last-modified: Wed, 25 Jan 2023 04:21:11 GMT
accept-ranges: bytes
content-length: 554
cache-control: max-age=290304000, public
expires: Fri, 10 Mar 2023 07:24:16 GMT
x-frame-options: sameorigin, ALLOW-FROM https://auonline.com.br/
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
vary: User-Agent
content-type: image/png
date: Wed, 08 Feb 2023 07:24:16 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3379 bytes)
Hash
c65144dcdaf688643761916851b151c0
1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1
974b5a62f2d051b2dd2c609f7bd08a4ef339dab0d31bccaa0f9898893c3ba6b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3379
x-amzn-requestid: 6f8c97bc-c1f9-4681-9544-f2863dc7f782
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSYH47oAMF-ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070db-4a730cd079f03c8b1cf77997;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qnk0MflT4eIxNuooDKhm0uauKq1dYj1iG9O_prtNU8c0IoAwODZxig==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:27:19 GMT
age: 10619
etag: "1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:24:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12401 bytes)
Hash
ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lXTMw2s8GxQtwjucvNYZeHL-i8ECHbdGThUV5_vn2mKEhArswcO3VA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 34935
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11205 bytes)
Hash
aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 14:35:27 GMT
age: 60531
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12216 bytes)
Hash
fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C1EXSLUCdc9GzSKxUzv9_uWK4ZTqggdr03uVW5SWuZwVVSn2wc4k7w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 34817
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4269 bytes)
Hash
33b061f03be149fea0df63b42a8ec226
e5e491c6ef8b6234450a34ee5df28b9a58a8ad43
a5970bbb40be173878cd2e920bd1a6ed27775fbdc222bb66ccbc5969984882f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: df152b3a-fa15-4dac-96f9-41b9ea8e5136
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkQH5PoAMFl1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c481-63636a42419209fb0c17eceb;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViawdcUij4_pKnUmO34Oaqjmbtv19ModMaku0MWYTHDeLCR1ikzB_A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 34935
etag: "e5e491c6ef8b6234450a34ee5df28b9a58a8ad43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:24:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.74.74

200 OK

126 kB

URL HTTP/2
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2846)
Size
126 kB (125826 bytes)
Hash
98b1fe69946e421b8ece280ad4995eed
e6e0b95673083dd5319db64472e9505964998bc0
3ce90bb62a4f3d7a503d1a819ce1b7016837a27c17065adb97c94680a7cd870a

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125826
date: Wed, 08 Feb 2023 07:24:18 GMT
expires: Wed, 08 Feb 2023 07:24:18 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:24:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230208

151.101.65.229

200 OK

823 B

URL HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230208
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (1596), with no line terminators
Size
823 B (823 bytes)
Hash
730257ef260b05778bbae3046826609f
c77bb642f064cdc9a257d3abf043fa11fe98f77e
7f85f6d676ca795e04e6db9a10f85ae6083fb22c4f9e3088cbdc73dd225fc0b4

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json?date=20230208 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://auonline.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1611
x-jsd-version-type: version
etag: W/"63c-Wragkk4KW82PDEbsthKnUslq6u4"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 07:24:19 GMT
age: 12207
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 823
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
bf576480edbc0610537655bd105c8bfb
c266256abed787c377a27c7f95524bb1aa01a93f
23ac28aacf962820cd11cd820c3ae989ab1f4624701ff1745fb2d7a8001b8041

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:24:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "DCC160BCE98D314C81ED9FCAC89D2C2CD3FE4A94"
Expires: Wed, 08 Feb 2023 19:00:00 GMT
Last-Modified: Wed, 08 Feb 2023 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 673
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79629ffc4dbefab8-OSL

hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1

23.38.200.22

200 OK

8.1 kB

URL HTTP/2
hbx.media.net/checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1
IP
23.38.200.22:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Size
8.1 kB (8081 bytes)
Hash
b13f9bbcb51911ebc5af0c87a2cbb95b
abc44a6b0645abca5f4d216766c3a73487291498
23139b414cee9a00b30b7c8044f19b3b479332d5c93aa353bb5bace665da2ba5

HTTP Headers

GET /checksync.php?cid=8CU8Y84F0&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1 HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Fri, 10 Feb 2023 07:24:19 GMT
date: Wed, 08 Feb 2023 07:24:19 GMT
content-length: 8081
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
3b8a1336c83e9c77d94f1801402922e8
914c22ee0f1bd5e8165cac9605a69dadcf53a7f9
10e443a01a394b33c96fb07f44456899c34953f4853897957e6eeef6f24765a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4875
Cache-Control: max-age=107524
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:24:19 GMT
Etag: "63e23c1c-13a"
Expires: Thu, 09 Feb 2023 13:16:23 GMT
Last-Modified: Tue, 07 Feb 2023 11:55:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
3b8a1336c83e9c77d94f1801402922e8
914c22ee0f1bd5e8165cac9605a69dadcf53a7f9
10e443a01a394b33c96fb07f44456899c34953f4853897957e6eeef6f24765a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4875
Cache-Control: max-age=107524
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:24:19 GMT
Etag: "63e23c1c-13a"
Expires: Thu, 09 Feb 2023 13:16:23 GMT
Last-Modified: Tue, 07 Feb 2023 11:55:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
56ad3ce1192a0e87e3253cb00f99ab0c
4dadc910d8b8e7fc31aac37ae56f5ae93278820b
6c138b60c4024bb649be8b2f460f2fed0548d788a0d15e2d7cbfb2b7185b1bdf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3203
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:24:19 GMT
Last-Modified: Wed, 08 Feb 2023 06:30:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fauonline.com.br%2F&domain=auonline.com.br&cw=1&lsw=1

178.250.0.157

200 OK

406 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fauonline.com.br%2F&domain=auonline.com.br&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type
JSON data\012- , ASCII text, with very long lines (497), with no line terminators
Size
406 B (406 bytes)
Hash
88f6ae7eb7976d3cd103e81c95df6ec9
ac3bbd4e5e88361bfb08f57766c8a509928bc14a
ca811f2fd6e50121ef741aee06831766c7efe8f105cfa1337c9cf039433218fb

HTTP Headers

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fauonline.com.br%2F&domain=auonline.com.br&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://auonline.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 07:24:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://auonline.com.br
server-processing-duration-in-ticks: 958735
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagservices.com/tag/js/gpt.js

142.250.74.162

200 OK

27 kB

URL HTTP/2
www.googletagservices.com/tag/js/gpt.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (39296)
Size
27 kB (27215 bytes)
Hash
bf865fdffd811a20b6e5358fb3d4c08e
a2889cefd254fd5c135720e8cf25e9e081afbd9b
0e473235c392afd511185e9b35be913e7599185e138a6e656b98fe110729ef50

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27215
date: Wed, 08 Feb 2023 07:24:21 GMT
expires: Wed, 08 Feb 2023 07:24:21 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1476 / 345 of 1000 / last-modified: 1675811301"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8703 bytes)
Hash
be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 34824
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tagmanager.alright.network/manager/js/container_KETFTGOj.js

54.230.111.60

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/manager/js/container_KETFTGOj.js
IP
54.230.111.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /manager/js/container_KETFTGOj.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 15:44:50 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 07:20:14 GMT
etag: W/"59a13bd579d224d01d7b111c6eea6bef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g3lqYaR1QN6HQ1CA0TYu6f8D2sQqs7QWvxbhWDnDqp95BCk1KPAHDQ==
age: 245
X-Firefox-Spdy: h2

warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=auonline.com.br&version=1

23.38.200.22

200 OK

0 B

URL HTTP/2
warp.media.net/js/tags/clientag.js?cid=8CU8Y84F0&dn=auonline.com.br&version=1
IP
23.38.200.22:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/tags/clientag.js?cid=8CU8Y84F0&dn=auonline.com.br&version=1 HTTP/1.1
Host: warp.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
content-type: text/javascript; charset=utf-8
x-mnet-h: E
etag: 12737227670688359877
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1800
expires: Wed, 08 Feb 2023 07:54:19 GMT
date: Wed, 08 Feb 2023 07:24:19 GMT
X-Firefox-Spdy: h2

tagmanager.alright.network/cloudinary-core.min.js

54.230.111.60

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/cloudinary-core.min.js
IP
54.230.111.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cloudinary-core.min.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 26 Jan 2022 15:28:24 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 07:08:20 GMT
etag: W/"a1be2e94d994f87394275c7c24229e51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ydv3l50weF6eB2zuwuBiv0p8Q2UCD8JLscKD_pUUWIdZPXq9SNw49g==
age: 1070
X-Firefox-Spdy: h2

tagmanager.alright.network/cld-video-player.min.js

54.230.111.60

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/cld-video-player.min.js
IP
54.230.111.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cld-video-player.min.js HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 04 Feb 2022 16:19:43 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 07:23:10 GMT
etag: W/"f424c0548bcfc13402d775a5f3c7e056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vZiXtjcyE0iE0oRcr7muv1s2ib7ZzlI3nHrukB6UVYrhmpYanSWVXQ==
age: 133
X-Firefox-Spdy: h2

tagmanager.alright.network/cld-video-player.min.css

54.230.111.60

200 OK

0 B

URL HTTP/2
tagmanager.alright.network/cld-video-player.min.css
IP
54.230.111.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cld-video-player.min.css HTTP/1.1
Host: tagmanager.alright.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 26 Jan 2022 15:28:26 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 08 Feb 2023 07:08:20 GMT
etag: W/"7504d85c52d7210f8a3616c7f446e29d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XbeMwYaUykUw6iZizjKdBf4Ocbotea3eLSMTPdEBcuQQmOrCRBS3ZQ==
age: 1329
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML