r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15632
Expires: Wed, 08 Feb 2023 12:17:50 GMT
Date: Wed, 08 Feb 2023 07:57:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6375
Expires: Wed, 08 Feb 2023 09:43:33 GMT
Date: Wed, 08 Feb 2023 07:57:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 07:34:12 GMT
content-type: application/json
age: 1386
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7122
Expires: Wed, 08 Feb 2023 09:56:00 GMT
Date: Wed, 08 Feb 2023 07:57:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GiVqbHM9YacTcDGze1bRif5BZ6XK0/zeqE4y19U8weBnOMko+N5cYpn48ZU15HKekviZqO2st/xanEsxT9W0DA==
x-amz-request-id: XZMH0NVJWPXYWKM1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 07:45:53 GMT
age: 685
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 07:57:18 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
20.94.62.51/ruxitagentjs_ICA2Vfghjqru_10235220309135426.js
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/ruxitagentjs_ICA2Vfghjqru_10235220309135426.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /ruxitagentjs_ICA2Vfghjqru_10235220309135426.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/js/3.bundle-d6a6baaa0dc3faae26db.js
20.94.62.51 200 OK 38 kB URL HTTP/1.1 20.94.62.51/js/3.bundle-d6a6baaa0dc3faae26db.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (37515), with no line terminators
Hash 39e850b2f21e44f7c83c5bfbf71a1a23
3610d538fb093eec2940764418eff51e72fe8f8f
4ab4958c63bd706e031161717896c8fbe22f133a4c9ff285cc053e75ceb13d06
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /js/3.bundle-d6a6baaa0dc3faae26db.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:09:38 GMT
ETag: "93a0-5dae925b10137"
Accept-Ranges: bytes
Content-Length: 37792
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
142.250.74.168 200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N2FTFQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (3707)
Hash cc1ebb3391889f12ff6cce93e1610732
09420131499462fff34adc76e859b60d83bd84dc
ef1942214a724d418309baa6e732d7645c84d9e3244389b8b10f0fa78d83e79b
GET /gtm.js?id=GTM-N2FTFQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 07:57:18 GMT
expires: Wed, 08 Feb 2023 07:57:18 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 07:14:52 GMT
age: 2546
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /cartoes-renner/js/2.bundle-d410ea60e5b46c298cdd.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/login/index.php
20.94.62.51 200 OK 735 kB URL HTTP/1.1 20.94.62.51/login/index.php
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1242)
Size 735 kB (735003 bytes)
Hash 3d2997ee91abb3e7c9bd9b6eb077c1fe
b0e71c2814829f379baa882f37a0a948a0bb6fed
f16319e9e4b850f91c219968f9b0efc913c31789ce6f34cbb811a4f622696e71
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed. Note: this page was fetched by bare IP over plain HTTP (Host: 20.94.62.51), so no DNS resolution took place and a DNS-level sinkhole on its own would not have prevented the connection; block the IP/URL at the proxy or firewall as well.
GET /login/index.php HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:17 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
X-Powered-By: PHP/7.4.29
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
20.94.62.51/vectors/google-play-badge-reverse.svg
20.94.62.51 200 OK 11 kB URL HTTP/1.1 20.94.62.51/vectors/google-play-badge-reverse.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (10788)
Hash dd500e2468aecaccb46e64859f38ed87
6922b1027cf980cf19ed84c94732c3b704798cc8
e946d863a136a09089fd275d574ff3346bad8327d4ef378c06af35872d9fe56d
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /vectors/google-play-badge-reverse.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:19:26 GMT
ETag: "2a25-5dae948c4dbd2"
Accept-Ranges: bytes
Content-Length: 10789
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
142.250.74.164 200 OK 580 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR
IP 142.250.74.164:0
File type ASCII text, with very long lines (913), with no line terminators
Hash e7c42946ef30a7489021af58a379f113
5200e9c9704d76f7b2cca6e550bee72f2cf686f5
4ecdfaac477e201b34fc1a6bab234ae7332dd52dbf66c7aee7dd48e613840ae8
GET /recaptcha/api.js?onload=onLoadRecaptcha&render=explicit&hl=pt-BR HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 08 Feb 2023 07:57:18 GMT
date: Wed, 08 Feb 2023 07:57:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.106 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 19:19:40 GMT
expires: Wed, 07 Feb 2024 19:19:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 45458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20.94.62.51/vectors/google-play-badge.svg
20.94.62.51 200 OK 11 kB URL HTTP/1.1 20.94.62.51/vectors/google-play-badge.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (10785)
Hash f1a5450f21493625afbc619436ad14e0
e641815fd9bd38b5827c9e65821ed5a8fa05b0fb
8827f96ace2afe4aeff4c33db4ac86193f38a62cb30d9fbba949e0b72c2a55ff
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /vectors/google-play-badge.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:21:29 GMT
ETag: "2a22-5dae9501c4b83"
Accept-Ranges: bytes
Content-Length: 10786
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
20.94.62.51/vectors/app-store-badge.svg
20.94.62.51 200 OK 14 kB URL HTTP/1.1 20.94.62.51/vectors/app-store-badge.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (14261)
Hash 34683b771a7e7e258b2aaa2e1d7b37f1
cbd7c1053fe89019d386d1676ffa086ddbf0a8b5
3dd08d21a5c010294a50355af3565a50d08ea4aef83e822114be29171209f109
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /vectors/app-store-badge.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:21:50 GMT
ETag: "37b6-5dae951579e0e"
Accept-Ranges: bytes
Content-Length: 14262
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&badge=inline&cb=uii3yowxuayz
142.250.74.164 200 OK 23 kB URL HTTP/2 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&badge=inline&cb=uii3yowxuayz
IP 142.250.74.164:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (35964)
Hash bdca1778813b4b06ac383faf17305f36
00c43c9983f2ec8adde8f45aa6d2508d9b0d9f68
009ee2d0e28165d4c4093c8f4def20a32a67f56564c77e6df78b7d19ba0d4bd9
GET /recaptcha/api2/anchor?ar=1&k=6LcNwW8UAAAAAJ8eSLfer6Z8Lm28favadVWPryjV&co=aHR0cHM6Ly93d3cucmVhbGl6ZXNvbHVjb2VzZmluYW5jZWlyYXMuY29tLmJyOjQ0Mw..&hl=pt-BR&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=invisible&badge=inline&cb=uii3yowxuayz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 Feb 2023 07:57:18 GMT
content-security-policy: script-src 'nonce-bzvxMdIQtr09HKfU2aO-QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 23315
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15932
Expires: Wed, 08 Feb 2023 12:22:50 GMT
Date: Wed, 08 Feb 2023 07:57:18 GMT
Connection: keep-alive
20.94.62.51/fonts/Roboto-Bold.woff2
20.94.62.51 200 OK 15 kB URL HTTP/1.1 20.94.62.51/fonts/Roboto-Bold.woff2
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14680, version 1.0; data
Hash aa3e87117db2b3c27801cbb8dfe40c6c
a1118c5362e2dd34ac5cf34e135042c3ad827b58
36eea693231e39de5efd21718fea8fc98005b580b264522ffbef360939b8d75c
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /fonts/Roboto-Bold.woff2 HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:17:00 GMT
ETag: "3958-5dae9400a908c"
Accept-Ranges: bytes
Content-Length: 14680
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
20.94.62.51/cartoes-renner/vectors/whatsapp.svg
20.94.62.51 404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/vectors/whatsapp.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer verdicts: openphish - alert (brand: Lojas Renner); quad9 - sinkholed
GET /cartoes-renner/vectors/whatsapp.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/vectors/bg-login.svg
20.94.62.51200 OK 664 B URL HTTP/1.1 20.94.62.51/vectors/bg-login.svg
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (663)
Hash bbba81daa6feeed173485552f13c0f2a
aa3778c907487f06760a88ed95fa98522512f292
3bb71cec41dd0b3c5782f72d32b1b028fdc9558f0acace778d1a2c312d50f382
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /vectors/bg-login.svg HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:25:11 GMT
ETag: "298-5dae95d56eb6a"
Accept-Ranges: bytes
Content-Length: 664
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash cf4010d2621299f54ad848758ff5dc4d
58dbaf083e51a32921a78753faff7a9c19daaa48
288d3efcd8e21350ac88ecec9f8741802fbb13db77117968a2077820d399f8f9
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90949
Date: Wed, 08 Feb 2023 07:57:18 GMT
Etag: "63e21623-1d7"
Expires: Thu, 09 Feb 2023 09:13:08 GMT
Last-Modified: Tue, 07 Feb 2023 09:13:07 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FE4FREbgguF7vqLZq_72DZjy1dfW--KXcIbNIxtvmX03XOXbMTK_fQ==
20.94.62.51/fonts/Roboto-Black.woff2
20.94.62.51200 OK 15 kB URL HTTP/1.1 20.94.62.51/fonts/Roboto-Black.woff2
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14592, version 1.0\012- data
Hash fa058128ab6fcaa61257208d085b4d57
71c4e4b88c8049ef87ab6ede1ed4c9934eff778e
6e85391e451421ec1d47481273c0b97555ee880504b0fe96c5cec1edd4b0c57f
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /fonts/Roboto-Black.woff2 HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:17:20 GMT
ETag: "3900-5dae9413d4259"
Accept-Ranges: bytes
Content-Length: 14592
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
20.94.62.51/images/celular-login.png
20.94.62.51200 OK 155 kB URL HTTP/1.1 20.94.62.51/images/celular-login.png
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 379 x 485, 8-bit/color RGBA, non-interlaced\012- data
Size 155 kB (155176 bytes)
Hash e624d089f9b2fff768b6b592285a4f12
bef94cbbf3c93e3cc8cc45975065216efc046336
7db4ada57262fbacd47bef4e96e3cedda276b9267e6ca4d20adeeb1c24d870b6
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /images/celular-login.png HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:20:16 GMT
ETag: "25e28-5dae94bbad437"
Accept-Ranges: bytes
Content-Length: 155176
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
20.94.62.51/fonts/Roboto-Regular.woff2
20.94.62.51200 OK 15 kB URL HTTP/1.1 20.94.62.51/fonts/Roboto-Regular.woff2
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 14600, version 1.0\012- data
Hash a2647ffe169bbbd94a3238020354c732
0a59a3b17c93c1093c2514b3a9d51c91395aabd0
db44c6b7985f942465865cfe688770803ab464ec35fb9aefaeccc052e9b74b2a
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /fonts/Roboto-Regular.woff2 HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:15:40 GMT
ETag: "3908-5dae93b4b0a6e"
Accept-Ranges: bytes
Content-Length: 14600
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2
20.94.62.51/cartoes-renner/fonts/Roboto-Bold.woff
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Bold.woff
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Bold.woff HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js
216.58.211.3404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js
IP 216.58.211.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 3ab3a3944f881ad31c89d08f5e8bb435
3dffffd915706b6f3a4be103ef99b293fd89d2dc
a2b4316623904892860acbdf726e13f1b33e07244baaae92fb9bb0c01e70d69c
GET /recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__pt_br.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 07:57:19 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20.94.62.51/cartoes-renner/fonts/Roboto-Black.woff
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Black.woff
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Black.woff HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/fonts/Roboto-Regular.woff
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Regular.woff
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Regular.woff HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 07:57:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20.94.62.51/cartoes-renner/fonts/Roboto-Bold.ttf
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Bold.ttf
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Bold.ttf HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
18.228.227.3200 OK 9.2 kB URL HTTP/1.1 cdn.pmweb.com.br/df/tag.js?id=PM-N2FTFQ
IP 18.228.227.3:0
File type ASCII text, with very long lines (22651), with no line terminators
Hash bb462b00b14c20c1058237a188f4033b
6cb3f0724e5b750d6d1ae92518a9126314368e7b
ff1a4463eadc1c7e0bce4edd7635a026f7106130efd1c27bd4bb8af6104edf08
GET /df/tag.js?id=PM-N2FTFQ HTTP/1.1
Host: cdn.pmweb.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=300
Content-Encoding: gzip
Content-Type: application/javascript
Date: Wed, 08 Feb 2023 07:57:19 GMT
ETag: W/"63da9361-587b"
Expires: Wed, 08 Feb 2023 08:02:19 GMT
Last-Modified: Wed, 01 Feb 2023 16:29:21 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding
Content-Length: 9197
Connection: keep-alive
push.services.mozilla.com/
35.83.112.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.112.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3AI4Y0UP5yTHbqXP0lB5Kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SsG4aZ8MvFFu0x3jK2Gq+G6+n2g=
20.94.62.51/js/vendors.bundle-859d26788acf215a201a.js
20.94.62.51200 OK 686 kB URL HTTP/1.1 20.94.62.51/js/vendors.bundle-859d26788acf215a201a.js
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Size 686 kB (686470 bytes)
Hash ba8db3e4745ef4402e6c1011c9227191
e155466c79dd3823ff0ce99802093d80e40ebd1f
40d596025119e99448ba247d9ad58248525a484a971dabdd366e0724453e3e36
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /js/vendors.bundle-859d26788acf215a201a.js HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 07:57:18 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Last-Modified: Wed, 23 Mar 2022 21:22:58 GMT
ETag: "a7986-5dae955635fe5"
Accept-Ranges: bytes
Content-Length: 686470
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
20.94.62.51/cartoes-renner/fonts/Roboto-Black.ttf
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Black.ttf
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Black.ttf HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/fonts/Roboto-Regular.ttf
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/fonts/Roboto-Regular.ttf
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/fonts/Roboto-Regular.ttf HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2c9111264079d518d1b50e15e40dd307
6e1374be3ccc15ef054ae6033c944b25b48aabeb
8bcb6e31e71db94b6a9581856ae5a25e67589887dc4d57a0ec33488f671231eb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 07:57:19 GMT
Last-Modified: Wed, 08 Feb 2023 06:27:37 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qyGG5au-4JWmaN0XfKBnDALk_8TLA13tl79aHltYV20X-m6NehqqVQ==
Age: 5383
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
216.58.211.3404 Not Found 1.6 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css
IP 216.58.211.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 617f87016391056cbfa3087f986bd536
57c63621d5e3657f9add4229143eb54909902bd0
a38edb7c355cb03d028c7aebd49d71de4b673368cbf77dec0c95088930a90c73
GET /recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 07:57:19 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 07:45:20 GMT
expires: Wed, 08 Feb 2023 09:45:20 GMT
cache-control: public, max-age=7200
age: 719
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20.94.62.51/cartoes-renner/images/lojas-renner.png
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/images/lojas-renner.png
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/images/lojas-renner.png HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-; _pm_id=183401675843092750; _pm_sid=506901675843092750
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
20.94.62.51/cartoes-renner/images/favicon.ico
20.94.62.51404 Not Found 298 B URL HTTP/1.1 20.94.62.51/cartoes-renner/images/favicon.ico
IP 20.94.62.51:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cd60002a372c30fe80ec22dce1c73d9
ae4f6b3a61df55530ea072f6b5df30f50a8c9558
f1f6bfcab551458807a0440ff262154d67829f037ec15758655691a1b2f2b031
Analyzer Verdict Alert openphish Lojas Renner
quad9 Sinkholed
GET /cartoes-renner/images/favicon.ico HTTP/1.1
Host: 20.94.62.51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20.94.62.51/login/index.php
Cookie: dtCookie=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6; rxVisitor=1675843091896LMKDLJIKCATG968HK5KQ6OBSLSBR6BRP; dtPC=-56$43091890_533h1vGOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0e0; rxvt=1675844891903|1675843091898; dtLatC=48; dtSa=-; _pm_id=183401675843092750; _pm_sid=506901675843092750
HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 07:57:19 GMT
Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
Content-Length: 298
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
52.95.165.116200 OK 0 B URL HTTP/1.1 s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=real&x-r=
IP 52.95.165.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frame-image-br/bg.png?x-id=real&x-r= HTTP/1.1
Host: s3-sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dB8ph/saLy/ClxMqg6VGMfRvNxkD4c77d5tEUrhVJYhcEMJitZm7hedd+YLh0tWvdfkIxNcerDw=
x-amz-request-id: 3QC34JYFVNM5SS9X
Date: Wed, 08 Feb 2023 07:57:20 GMT
Last-Modified: Thu, 04 May 2017 08:21:21 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:57:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:57:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17595
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 07:57:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qYXu_I4vL00EOopA1nQcxCTMKf4nObKFk9XQozhw6FezKsfTDem3Mw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:35 GMT
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
age: 35445
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f175de8eebe398f5de2829cd551b3f04
e6da63e9b03289bfded190d999a20da78232437c
b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10202
x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PEYFZOoAMFzEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:22 GMT
etag: "e6da63e9b03289bfded190d999a20da78232437c"
content-type: image/jpeg
age: 36118
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 36186
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EHKG30r3kg-Lb-iZylZBFUY-Yp892ZN1W8YNykxPyP6NiVx-dKW-4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:30:40 GMT
age: 34000
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cf13Lp2SFHQ4SSF6_KpC4zx339tZRkMmnmF-OKM_2hbWbIoR3OLJ_g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:50:49 GMT
age: 36391
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bc4af7bd5bdcf67a4bac63e22b5d7ce8
5c457bf5021e9336d8582eed9e84e5279e08547c
0dac79971019d06657a1948f1cedaca02b3f9eca1eae52026ad9bdd0e4137b35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F566ad678-65a7-4c74-8467-5fa73f0c1e16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9731
x-amzn-requestid: 297af487-e8cf-4d0a-a30b-337cf1630f71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_RImGLjoAMFnDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c89d-3c4f6fa521885bd45e943d3b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:54:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yrzTgCscPsiLURoP97eyv80rROEqj68xBxOvJcrT8IFuYXodrNWt7A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:49 GMT
age: 36091
etag: "5c457bf5021e9336d8582eed9e84e5279e08547c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=183401675843092750&sid=506901675843092750&pvw=3008410d-5017-4580-a070-8e06374ad810&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&add=%7B%22err%22%3A%5B%22unable%20to%20decode%20object%22%5D%7D
18.228.159.199200 OK 2 B URL HTTP/1.1 df.pmweb.com.br/push/?aid=PM-N2FTFQ&cid=183401675843092750&sid=506901675843092750&pvw=3008410d-5017-4580-a070-8e06374ad810&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&add=%7B%22err%22%3A%5B%22unable%20to%20decode%20object%22%5D%7D
IP 18.228.159.199:0
File type ASCII text, with no line terminators
Hash 50585be4e3159a71c874c590d2ba12ec
fb17882585bbfe9c55733a6e46a265ddaea6957a
54d626e08c1c802b305dad30b7e54a82f102390cc92c7d4db112048935236e9c
GET /push/?aid=PM-N2FTFQ&cid=183401675843092750&sid=506901675843092750&pvw=3008410d-5017-4580-a070-8e06374ad810&v=1.19.0&rs=1280x1024&tt=Cart%C3%B5es%20Renner&ws=1280x1024&os=Linux%20x86_64&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&url=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&add=%7B%22err%22%3A%5B%22unable%20to%20decode%20object%22%5D%7D HTTP/1.1
Host: df.pmweb.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://20.94.62.51
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/plain
Date: Wed, 08 Feb 2023 07:57:20 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Set-Cookie: _pm_uid=183401675843092750; path=/; domain=pmweb.com.br; secure; Expires=Fri, 07-Feb-2025 07:57:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Length: 2
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1a24dde1aee3cd43a6b846cd212b0777
433d0afc1c06e47cd75350746f1aa73e3076a098
e1955f9051d9175bdda73af2360d8e82221050eb632d8488b164aa364eb413ae
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145510
Date: Wed, 08 Feb 2023 07:57:21 GMT
Etag: "63e2d80e-1d7"
Expires: Fri, 10 Feb 2023 00:22:31 GMT
Last-Modified: Tue, 07 Feb 2023 23:00:30 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k_g34ENm8uvkBp6U-V7jEc5en0QTWVaBZxs0xJcPX8GA1K98M4ffrA==
Age: 4921
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6&svrid=-56&flavor=cors&vi=GOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0&modifiedSince=1647975459642&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=3920858201&en=ovxxhecl&end=1
52.204.31.54200 OK 702 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6&svrid=-56&flavor=cors&vi=GOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0&modifiedSince=1647975459642&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=3920858201&en=ovxxhecl&end=1
IP 52.204.31.54:0
File type ASCII text, with very long lines (702), with no line terminators
Hash 0ba95e1f414ae9acc6f23d5f03365e6f
07316fbc9afdf7a84f851a0c83283da0464a1f1e
5547eae274278bc561989278152ceaac19535a9ed9e03e018e44879295acb8fe
POST /bf?type=js3&sn=v_4_srv_-2D56_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6&svrid=-56&flavor=cors&vi=GOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0&modifiedSince=1647975459642&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=3920858201&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1209
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 07:57:21 GMT
content-type: text/plain;charset=utf-8
content-length: 702
set-cookie: dtCookie=v_4_srv_4_sn_2B08D8CA50B2E13A0E27A0060FD3F3C2_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: http://20.94.62.51
cache-control: no-cache
X-Firefox-Spdy: h2
bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_8_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=8&flavor=cors&vi=GOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0&modifiedSince=1675841340305&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=32496775&en=ovxxhecl&end=1
52.204.31.54200 OK 210 B URL HTTP/2 bf73995led.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_8_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=8&flavor=cors&vi=GOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0&modifiedSince=1675841340305&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=32496775&en=ovxxhecl&end=1
IP 52.204.31.54:0
File type ASCII text, with no line terminators
Hash 80e910fac677bc8ac4f464d79f57963f
ffa62ad1ffb97989417eb08264d08f34a5247438
5787727b11b495500ad6b8ccedc653b48226ce3cd5b565c1b8572123fd55981b
POST /bf?type=js3&sn=v_4_srv_8_sn_LF3O9HA2BJC7N9NPVNTIE9T2CD3B1SC6_app-3A189e25234ffe70ce_1_ol_0_perc_100000_mul_1&svrid=8&flavor=cors&vi=GOFUKQHCMKRMPRSHQFTJNLCAIOBUHTER-0&modifiedSince=1675841340305&rf=http%3A%2F%2F20.94.62.51%2Flogin%2Findex.php&bp=3&app=189e25234ffe70ce&crc=32496775&en=ovxxhecl&end=1 HTTP/1.1
Host: bf73995led.bf.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4769
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 07:57:23 GMT
content-type: text/plain;charset=utf-8
content-length: 210
set-cookie: dtCookie=v_4_srv_5_sn_A58D7F20B99ECB4DA07541D3797B57E8_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Domain=.dynatrace.com
x-oneagent-js-injection: true
access-control-allow-origin: http://20.94.62.51
cache-control: no-cache
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=1003849302.1648069470
216.239.34.178200 OK 0 B URL HTTP/2 www.google-analytics.com/gtm/js?id=GTM-W9SBWRL&cid=1003849302.1648069470
IP 216.239.34.178:0
GET /gtm/js?id=GTM-W9SBWRL&cid=1003849302.1648069470 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 07:57:19 GMT
expires: Wed, 08 Feb 2023 07:57:19 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
54.230.111.106200 OK 0 B URL HTTP/2 js-cdn.dynatrace.com/jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js
IP 54.230.111.106:0
GET /jstag/157944990f8/bf73995led/189e25234ffe70ce_complete.js HTTP/1.1
Host: js-cdn.dynatrace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://20.94.62.51
Connection: keep-alive
Referer: http://20.94.62.51/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
date: Wed, 08 Feb 2023 07:02:45 GMT
timing-allow-origin: *
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-source: Cluster
dynatrace-response-id: 7G864BKC722Q
expires: Wed, 08 Feb 2023 08:02:45 GMT
cache-control: public, max-age=3600
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zb_1Mcyen6ky8ILkPwy6VWYFskE3DCzJ05JvWGzZ3jBtqCElwQSLCg==
age: 3273
X-Firefox-Spdy: h2