firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 19:04:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 35cj1adr52TfA8_GYr1-yyvx4Xy45U32_HJXWJ2e9VB5678y91Jy3w==
Age: 980
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7571
Expires: Thu, 22 Sep 2022 21:26:37 GMT
Date: Thu, 22 Sep 2022 19:20:26 GMT
Connection: keep-alive
bordadosrl.com.br/mtb/login
162.214.170.93 301 Moved Permanently 243 B URL HTTP/1.1 bordadosrl.com.br/mtb/login
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b5a15dffa749bfa06c172c6df8a5a9b3
d3a0ea3f41ba6b31362a29f688ad80f6738913f5
18bbd1aed05abcf483ba3b8b9fb66688730da1d379a54f15e716c07f17f1ba20
Analyzer Verdict Alert fortinet Phishing
GET /mtb/login HTTP/1.1
Host: bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 19:20:26 GMT
Server: Apache
Location: https://bordadosrl.com.br/mtb/login
Content-Length: 243
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z0ksqNNcu5SHn3w7_rgAMJPqNyWn6v4V3C0O8DVYY95TYHIMg5570A==
age: 53113
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 19:20:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 19:03:22 GMT
Expires: Thu, 22 Sep 2022 19:15:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 38ONUmdY8E_EElk6i9uUNIRUT30QLdgTCkBN92v_sUHSq1GPl02Yxw==
Age: 1025
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4896
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:27 GMT
Last-Modified: Thu, 22 Sep 2022 17:58:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
bordadosrl.com.br/mtb/login
162.214.170.93 301 Moved Permanently 20 B URL HTTP/1.1 bordadosrl.com.br/mtb/login
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
GET /mtb/login HTTP/1.1
Host: bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 19:20:27 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Location: http://www.bordadosrl.com.br/mtb/login
Content-Length: 20
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
push.services.mozilla.com/
52.27.12.161 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D3bPXrF6Tq3sC8+fnyrygQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qyVh+0jcQaaLmhnt72RTBVL51wo=
www.bordadosrl.com.br/mtb/login
162.214.170.93 301 Moved Permanently 247 B URL HTTP/1.1 www.bordadosrl.com.br/mtb/login
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c9444f7323b6189343c3314c95c6390
faf580baddc3b7b71ca78962e6c366ccb831fea7
fc6759851c250afeacd3788d2b7a6bc7829f690d7f90f92bee39c690ab06d048
Analyzer Verdict Alert fortinet Phishing
GET /mtb/login HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 19:20:27 GMT
Server: Apache
Location: https://www.bordadosrl.com.br/mtb/login
Content-Length: 247
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10384
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 19:20:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10384
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 19:20:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10384
Expires: Thu, 22 Sep 2022 22:13:33 GMT
Date: Thu, 22 Sep 2022 19:20:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 78380
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 77530
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 05:53:43 GMT
age: 48406
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: 18122f14-4c48-43b3-b312-218f3ae84d93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8EVfoAMF3dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-3d23a04565d70f3c5403007b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9zc5SsL1SB9GtwMkVWcNLJzC-MfOd-5TiQck5s6-MV23RWPqWPAgtA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 18:00:45 GMT
age: 4784
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 78380
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 77522
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bordadosrl.com.br/mtb/login
162.214.170.93 404 Not Found 15 kB URL HTTP/1.1 www.bordadosrl.com.br/mtb/login
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (50243), with CRLF, LF line terminators
Hash c32c07e28514c9c12509892add33f7af
68ebb1178a62bc8830e9162ec75cbbe3478b1924
91395cf143c7b1eb2f3465a93c14975c5d2b4f8185e5f30208ead9dff6a33ab5
Analyzer Verdict Alert fortinet Phishing
GET /mtb/login HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Thu, 22 Sep 2022 19:20:28 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Powered-By: PrestaShop
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj; expires=Tue, 27-Sep-2022 19:20:28 GMT; Max-Age=431999; path=/; domain=www.bordadosrl.com.br; secure; HttpOnly
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext
IP 142.250.74.10:0
Hash 9a716ea274a8b22d4fe3a59b5841db78
10342cf028085d437926ef279ad46d17c1ebf4b1
ea7e54c6e0a437f7320256999b5668f7b682a9ce2f78f6cb07203527d011c2e4
GET /css?family=Open+Sans:300,600&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 19:20:29 GMT
date: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 04fcf7ddca845d2b087ec43ab5ff0d59
39060a9af77ba92e5db529ba7c79013d205c9423
1ae0d60b572f2075bddfe8ae2034ddd093150d0d18c72d967b3bb8c4abffb23e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3b578aed53ee9a2ee8cccab56985f7ab
1d5182fc7bdeaa61c5d85491a15dad902fbe93c9
ed8c8c8b8979b564564ddbf0d238414a37ca578ee2b6e71a7ad73ac001f30f71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=nar_onLoad&render=explicit
142.250.74.164 200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=nar_onLoad&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (905), with no line terminators
Hash 91b83177e60e98e0ec5404e18f8c7b93
4f4853a8a6f61d95b4adc65b90c14cc008cc252f
01d957f37ff6a8ab089e49333ba3f61aeda2a34161b731fbabe0e282d8a2c003
GET /recaptcha/api.js?onload=nar_onLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 22 Sep 2022 19:20:29 GMT
date: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-23163904-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-23163904-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 780dd01fb334f966c9732edffa105806
b04d9fe3449b2b5e093e37e327adfd35fb1d8324
124bae5ce9770486775157b119c7c11b8b8d116e0c433ece4cc1dd4718657edc
GET /gtag/js?id=UA-23163904-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 19:20:29 GMT
expires: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98 200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2903)
Hash 849fe6a25c060dcd36ceef6ee7bff03b
87e85825c4896d7a2ea625ada3bb8b65293015bd
c2e8a9dbc8a106e6306aa5122b9206257522a51412206d972ba59e0bf771127a
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 22 Sep 2022 19:20:29 GMT
expires: Thu, 22 Sep 2022 19:20:29 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7920867636286272240
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
162.214.170.93 200 OK 44 kB URL HTTP/1.1 www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65518)
Hash 73c971632e8dd0da8aae33d750eb7013
7d24e123b34a08075e4e7b29060cd341feec4413
03c0031cf1b2c1a4735470d7c9109544a9402b9ca26ebb20c5ed3b1dc8da31f5
GET /themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:29 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 13:42:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 29 Sep 2022 19:20:29 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 43965
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: text/css
www.bordadosrl.com.br/themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js
162.214.170.93 200 OK 80 kB URL HTTP/1.1 www.bordadosrl.com.br/themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32341)
Hash 659a4d2c3f8eab523ec3dc8a6302b7c6
24d542ef1abfd9c0fa6c02a620a7269093ec7e01
d569f860b8f0b51f345ebf990f4be1ea84ef3194197a3dd9316447a6bee0d5d7
Analyzer Verdict Alert fortinet Phishing
GET /themes/default-bootstrap/cache/v_128_79797ded2f2fb31de8f43da68ec0d5c7.js HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:29 GMT
Server: Apache
Last-Modified: Mon, 12 Sep 2022 13:42:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Thu, 29 Sep 2022 19:20:29 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=20, max=199
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-5-1.jpg
162.214.170.93 200 OK 1.9 kB URL HTTP/1.1 www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-5-1.jpg
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 51x51, components 3\012- data
Hash 8704857536554c53c4fb847bb175b8c7
87e784bfa6d938e01fb54dae45d4a6b28a747b4b
8266b848fdc1f8bcdc58fec6bc12db088523068b3d2bed6e4888ba7961204ad3
GET /modules/blockreinsurance/img/reinsurance-5-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 14 Oct 2021 11:31:01 GMT
Accept-Ranges: bytes
Content-Length: 1891
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/jpeg
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-10-1.jpg
162.214.170.93 200 OK 2.0 kB URL HTTP/1.1 www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-10-1.jpg
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Hash 7e72838a1ddbc6c81aa70efc1da69d60
b3c77eba07d3261ec75933601517140ff56c4010
2192446ee382fb566e54bdab72516cb888ffbbb62fec5a8b30bb662dde3fdccd
GET /modules/blockreinsurance/img/reinsurance-10-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:59:08 GMT
Accept-Ranges: bytes
Content-Length: 1961
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=199
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 211769
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bordadosrl.com.br/themes/default-bootstrap/fonts/fontawesome-webfont.woff2?v=4.3.0
162.214.170.93 200 OK 57 kB URL HTTP/1.1 www.bordadosrl.com.br/themes/default-bootstrap/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Phishing
GET /themes/default-bootstrap/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Tue, 10 Nov 2020 14:52:48 GMT
Accept-Ranges: bytes
Content-Length: 56780
Cache-Control: max-age=31536000
Expires: Fri, 22 Sep 2023 19:20:30 GMT
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Origin: *
Keep-Alive: timeout=20, max=198
Connection: Keep-Alive
Content-Type: font/woff2
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
142.250.74.66 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220919/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 22 Sep 2022 00:13:49 GMT
expires: Thu, 06 Oct 2022 00:13:49 GMT
cache-control: public, max-age=1209600
age: 68801
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bordadosrl.com.br/themes/default-bootstrap/img/footer-bg.png
162.214.170.93 200 OK 83 B URL HTTP/1.1 www.bordadosrl.com.br/themes/default-bootstrap/img/footer-bg.png
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1 x 70, 8-bit colormap, non-interlaced\012- data
Hash ad7c25d6b826b81098a15d7e87c978ba
d4474350e7c4c203e4ca497091c4209614e883db
1207bcd0369868cbb5be1794a4519bdf3a911889cf239cde3c03abedecc28f1a
GET /themes/default-bootstrap/img/footer-bg.png HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Tue, 10 Nov 2020 14:52:56 GMT
Accept-Ranges: bytes
Content-Length: 83
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=199
Connection: Keep-Alive
Content-Type: image/png
www.bordadosrl.com.br/modules/blockreinsurance/img/bg_reinsurance_block.gif
162.214.170.93 200 OK 299 B URL HTTP/1.1 www.bordadosrl.com.br/modules/blockreinsurance/img/bg_reinsurance_block.gif
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 85\012- data
Hash cb10b633ef9b88c86b2abb1572a80056
2b686e7dec630720f2eddaf0103e5c6a09da3c03
774c88fe3665b3e0d1a24ac602886cd347110c881a538ffce5551f3c41d66943
GET /modules/blockreinsurance/img/bg_reinsurance_block.gif HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/themes/default-bootstrap/cache/v_170_04e96b951cef954f17eaf993cd96c21d_all.css
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:57:59 GMT
Accept-Ranges: bytes
Content-Length: 299
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=198
Connection: Keep-Alive
Content-Type: image/gif
www.bordadosrl.com.br/module/cron/cron?token=g1z5AkTm&time=1663874429
162.214.170.93 200 OK 43 B URL HTTP/1.1 www.bordadosrl.com.br/module/cron/cron?token=g1z5AkTm&time=1663874429
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /module/cron/cron?token=g1z5AkTm&time=1663874429 HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Access-Control-Allow-Origin: *
Content-Length: 43
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Vary: User-Agent
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/gif
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-1-1.jpg
162.214.170.93 200 OK 2.1 kB URL HTTP/1.1 www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-1-1.jpg
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Hash fe215a4795c11bfebba04d6d98114f0b
cd11eb4e78473048a5f5f94817d5075ff5e9d4e1
08da39b6f9b59598520401595b33f9a92c17e4e3bd8c27f0a1e330e3874f1b86
GET /modules/blockreinsurance/img/reinsurance-1-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:42:02 GMT
Accept-Ranges: bytes
Content-Length: 2071
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=197
Connection: Keep-Alive
Content-Type: image/jpeg
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-9-1.jpg
162.214.170.93 200 OK 2.0 kB URL HTTP/1.1 www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-9-1.jpg
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Hash ed73f9c9c66f903c04d7b3147b7eaaca
94cc70b1c0a78494897549300718a4b5c731405c
d158fbde85d700c191b93ad3024793595568fccdb2500ead19a27e487e16ecd9
GET /modules/blockreinsurance/img/reinsurance-9-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:56:45 GMT
Accept-Ranges: bytes
Content-Length: 2015
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=197
Connection: Keep-Alive
Content-Type: image/jpeg
www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-2-1.jpg
162.214.170.93 200 OK 1.7 kB URL HTTP/1.1 www.bordadosrl.com.br/modules/blockreinsurance/img/reinsurance-2-1.jpg
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 51x51, components 3\012- data
Hash 244691502ead38bc51b947f1cbde9c19
41023cd9a4fd0eb8036d113df5158d9f9afe9554
3a0e62df92ac6c19c4aa195b86ed2e04c356daeb2ef3426b00f614d1fb403b2c
GET /modules/blockreinsurance/img/reinsurance-2-1.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 13:44:19 GMT
Accept-Ranges: bytes
Content-Length: 1695
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=198
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 13cf7399e566a6646c3d468c9fcecdff
7d58b2cb7d8e29987c5276828931c3c9288f18fa
4b9263fb0142cf94e98d03d030875159a2bf37b37ba2d997b52e9f58927d76ed
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 19:20:30 GMT
Last-Modified: Thu, 22 Sep 2022 19:15:07 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YCuIcjpmoe0O2CPipReDngYSKbhvnA1M9-IUdmi6d7HTfQ-QNocupA==
Age: 323
www.bordadosrl.com.br/modules/blockbanner/img/0cb025c728fea5d0205ad524becfa966.gif
162.214.170.93 200 OK 25 kB URL HTTP/1.1 www.bordadosrl.com.br/modules/blockbanner/img/0cb025c728fea5d0205ad524becfa966.gif
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1170 x 80\012- data
Hash 056bbe9fa2a181d532308a6500f4cffb
e8f187b8ca21a0c2d25b20abcfca7d7de47f96e1
de369f7867bbed020467476094cff70c843ed99921aba116bcf3f3462a081e82
GET /modules/blockbanner/img/0cb025c728fea5d0205ad524becfa966.gif HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:56:34 GMT
Accept-Ranges: bytes
Content-Length: 24613
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/gif
www.bordadosrl.com.br/img/bordados-rl-logo-1557273002.jpg
162.214.170.93 200 OK 14 kB URL HTTP/1.1 www.bordadosrl.com.br/img/bordados-rl-logo-1557273002.jpg
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", progressive, precision 8, 400x140, components 3\012- data
Hash b867d6b8cab9026c64ca69b628f61229
cf5935ffd3d2d978f4f2d05975f07f0b9a3fb0a5
9ddfed4abf2aab9f764c3df77de7d5bb57a706a851da00456356f2cd5839e016
GET /img/bordados-rl-logo-1557273002.jpg HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:28:29 GMT
Accept-Ranges: bytes
Content-Length: 14455
Cache-Control: max-age=2592000
Expires: Sat, 22 Oct 2022 19:20:30 GMT
Keep-Alive: timeout=20, max=200
Connection: Keep-Alive
Content-Type: image/jpeg
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163 200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 135781
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/asset-manifest.json
185.76.9.18 200 OK 1.5 kB URL HTTP/2 widget-v2.smartsuppcdn.com/asset-manifest.json
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
File type JSON data\012- , ASCII text
Hash 328faad0de303369e07c6d03e1db6973
de7323cacc572bdc95c57f1f796879baee00c233
45c4ee6ae00867701fdc4d97591cc93fe8759448d1a97266e6286c79a46a048d
GET /asset-manifest.json HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:30 GMT
content-type: application/json
last-modified: Tue, 13 Sep 2022 08:22:15 GMT
etag: W/"63203db7-6ce"
expires: Tue, 13 Sep 2022 08:56:12 GMT
cache-control: max-age=300, public, s-maxage=60
access-control-allow-origin: *
x-accel-expires: @1663874480
server: CDN77-Turbo
x-77-nzt: AblMCQ1hpaL/CgAAAA
x-77-nzt-ray: Mlsqdq3USxE
x-cache: HIT
x-age: 10
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.bordadosrl.com.br/img/favicon.ico?1655479423
162.214.170.93 200 OK 1.6 kB URL HTTP/1.1 www.bordadosrl.com.br/img/favicon.ico?1655479423
IP 162.214.170.93:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 8ca46e38fb722ff1d0825491870c6d3b
cc47720e52e6f855e0823d6ffd5c9c522a2f10d7
1558e2b848dd77d18ff3c54ba3c1b07d099b727641818e977d2510e5f745773f
Analyzer Verdict Alert fortinet Phishing
GET /img/favicon.ico?1655479423 HTTP/1.1
Host: www.bordadosrl.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/mtb/login
Cookie: PrestaShop-38d3eafd7cbca8d3d8a74d6bb350450f=a3de920b50f0584d7dbc31248a3434be5980d02d3901843e8d4b78635f62cb3d%3AYZqFxj9Yd%2ByCzrCOuysB4TNnB4cM%2B7fwjoVHDSgMSeOs%2FBXEvb%2BwUUbz5Y8SWNLXDD1UmofeNXZIQfu4zP%2BMRgnShZp%2FtOtrkfi6DF3LApiYCDECswv3JEVtSI%2FG9%2BRGQo1CoAnphgM%2BjcUaq%2F%2BVBvVnxgzEjzLtx%2F47XsBkZ%2FJIgcIhlu9Ze6wiwrE78zCj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 19:20:30 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 13:28:31 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Fri, 22 Sep 2023 19:20:30 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1644
Keep-Alive: timeout=20, max=196
Connection: Keep-Alive
Content-Type: image/x-icon
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&gjid=961657829&_gid=84520686.1663874430&_u=YEBAAUIIAAAAAC~&z=1483903059
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&gjid=961657829&_gid=84520686.1663874430&_u=YEBAAUIIAAAAAC~&z=1483903059
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&gjid=961657829&_gid=84520686.1663874430&_u=YEBAAUIIAAAAAC~&z=1483903059 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.bordadosrl.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&gjid=912667260&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=805380553
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&gjid=912667260&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=805380553
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&gjid=912667260&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=805380553 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.bordadosrl.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&gjid=180826230&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=744486647
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&gjid=180826230&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=744486647
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&gjid=180826230&_gid=84520686.1663874430&_u=aGDAAUIJAAAAAC~&z=744486647 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.bordadosrl.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/static/js/runtime-main.c16a44f6.js
185.76.9.18 200 OK 1.2 kB URL HTTP/2 widget-v2.smartsuppcdn.com/static/js/runtime-main.c16a44f6.js
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2443)
Hash 7323358a75753b7ff2fa89cad45c00e5
b52f3f4b04729083d289d7964ec19d02b2876bda
0161056c557251921d6bc4167313556c0670226a739c05efac80415f998fd43d
GET /static/js/runtime-main.c16a44f6.js HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 07:52:21 GMT
etag: W/"63199f35-9bd"
expires: Fri, 08 Sep 2023 08:08:17 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694160497
server: CDN77-Turbo
x-77-nzt: AblMCQ1mDrT/jhITAA
x-77-nzt-ray: emx0XuUzjVw
x-cache: HIT
x-age: 1249934
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&_u=aGDAAUIJAAAAAC~&z=1003983934
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&_u=aGDAAUIJAAAAAC~&z=1003983934
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=1120221562&_u=aGDAAUIJAAAAAC~&z=1003983934 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&_u=aGDAAUIJAAAAAC~&z=1574637489
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&_u=aGDAAUIJAAAAAC~&z=1574637489
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=647412623&_u=aGDAAUIJAAAAAC~&z=1574637489 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&_u=YEBAAUIIAAAAAC~&z=554504244
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&_u=YEBAAUIIAAAAAC~&z=554504244
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23163904-1&cid=540208619.1663874430&jid=940314448&_u=YEBAAUIIAAAAAC~&z=554504244 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:20:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:20:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash eb1556c0633d4dddada6053d01cfb357
c7304fdbe0c885f2d64850e8384055fd153dc670
ab821413c5141d72094205e8d17b3b29494ac55b47acf48230d9cee67d01f855
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 19:20:31 GMT
Last-Modified: Thu, 22 Sep 2022 18:58:24 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HMweWr-iVkGlK5lj-yoJ9QRZtKky9C35nINoGMLVTyX5-sowyW7rog==
Age: 1327
websocket-visitors.smartsupp.com/socket/?EIO=3&transport=websocket
3.126.230.201 101 Switching Protocols 0 B URL HTTP/1.1 websocket-visitors.smartsupp.com/socket/?EIO=3&transport=websocket
IP 3.126.230.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket/?EIO=3&transport=websocket HTTP/1.1
Host: websocket-visitors.smartsupp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.bordadosrl.com.br
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dFfVuta68gJV2mQXHisrdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 22 Sep 2022 19:20:31 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ITvbV4d8rmo59k0Bo+dlf7mWIEI=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
widget-v2.smartsuppcdn.com/translates/en.json?v=4f5d40371559173152e9a252ef0bab4ed758854f
185.76.9.18 200 OK 0 B URL HTTP/2 widget-v2.smartsuppcdn.com/translates/en.json?v=4f5d40371559173152e9a252ef0bab4ed758854f
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
GET /translates/en.json?v=4f5d40371559173152e9a252ef0bab4ed758854f HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bordadosrl.com.br/
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/json
last-modified: Tue, 13 Sep 2022 08:21:20 GMT
etag: W/"63203d80-fc9"
expires: Wed, 13 Sep 2023 08:52:14 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694595134
server: CDN77-Turbo
x-77-nzt: AblMCQ2C6lX/wXAMAA
x-77-nzt-ray: 43INp6M+1Io
x-cache: HIT
x-age: 815297
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.smartsuppchat.com/loader.js
185.76.9.22 200 OK 0 B URL HTTP/2 www.smartsuppchat.com/loader.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /loader.js HTTP/1.1
Host: www.smartsuppchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:30 GMT
content-type: application/javascript
last-modified: Tue, 22 Mar 2022 17:52:27 GMT
etag: W/"623a0cdb-4792"
expires: Mon, 23 May 2022 11:09:44 GMT
cache-control: max-age=300, public, s-maxage=60
x-accel-expires: @1663874476
server: CDN77-Turbo
x-77-nzt: AblMCRQwcOD/DgAAAA
x-77-nzt-ray: D+nhLFlgWg4
x-cache: HIT
x-age: 14
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/static/js/main.9ec99211.chunk.js
185.76.9.18 200 OK 0 B URL HTTP/2 widget-v2.smartsuppcdn.com/static/js/main.9ec99211.chunk.js
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
GET /static/js/main.9ec99211.chunk.js HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 08:22:15 GMT
etag: W/"63203db7-1cd79"
expires: Wed, 13 Sep 2023 08:51:13 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694595073
server: CDN77-Turbo
x-77-nzt: AblMCQ0TA9n//nAMAA
x-77-nzt-ray: WxQOab1BmDs
x-cache: HIT
x-age: 815358
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
widget-v2.smartsuppcdn.com/translates/pt.json?v=4f5d40371559173152e9a252ef0bab4ed758854f
185.76.9.18 200 OK 0 B URL HTTP/2 widget-v2.smartsuppcdn.com/translates/pt.json?v=4f5d40371559173152e9a252ef0bab4ed758854f
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
GET /translates/pt.json?v=4f5d40371559173152e9a252ef0bab4ed758854f HTTP/1.1
Host: widget-v2.smartsuppcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bordadosrl.com.br/
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:31 GMT
content-type: application/json
last-modified: Tue, 13 Sep 2022 08:21:20 GMT
etag: W/"63203d80-10ac"
expires: Wed, 13 Sep 2023 09:10:01 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
x-accel-expires: @1694596201
server: CDN77-Turbo
x-77-nzt: AblMCQ3d/Mb/lmwMAA
x-77-nzt-ray: y3YqAJEAiks
x-cache: HIT
x-age: 814230
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
bootstrap.smartsuppchat.com/widget/7999c07eed34bfc5fdbe2ef7caa3ab5e751a9681.json
52.57.230.198 200 OK 0 B URL HTTP/2 bootstrap.smartsuppchat.com/widget/7999c07eed34bfc5fdbe2ef7caa3ab5e751a9681.json
IP 52.57.230.198:0
GET /widget/7999c07eed34bfc5fdbe2ef7caa3ab5e751a9681.json HTTP/1.1
Host: bootstrap.smartsuppchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.bordadosrl.com.br
Connection: keep-alive
Referer: https://www.bordadosrl.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:20:30 GMT
content-type: application/json; charset=utf-8
x-version: 40abd74f2935f2a6d1a2667e53c08501d31c5c2e
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate
x-hit: redis
etag: "111d-J0iiREpuIvLbSbp9pfCxk9ATnWw"
content-encoding: br
X-Firefox-Spdy: h2