cosmetiic.site/
81.88.57.70200 OK 84 B IP 81.88.57.70:0
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 6533e9e3f4ff590a1c2640f111f44fcd
a2537b82b367e7de17d1acce9da3741bacd65e98
1a869d5d93c9927d972a58e4802078508c2e6f267ee4e65dd8b315d22dee721d
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cosmetiic.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:07 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 19:49:09 GMT
Accept-Ranges: bytes
Content-Length: 84
Connection: close
Content-Type: text/html
Content-Language: pt
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 13:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iE73xS9S-devsOxcp2EVD9Avt8P03MmV5Q2ufQWAVxAOZozprXZhVw==
Age: 3423
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8494
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 14:44:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 74134730f642b6f6dfeca3ecc61a329e
668914cc93cceb123d199a45df13ad764704fa84
d681a4c2e20a6019c7e2d980cbfa77b34db9356899099296c3b8b4263ca5fb5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D681A4C2E20A6019C7E2D980CBFA77B34DB9356899099296C3B8B4263CA5FB5F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9736
Expires: Tue, 04 Oct 2022 17:26:23 GMT
Date: Tue, 04 Oct 2022 14:44:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hZW+6oHKfRnQgEigYfEDDtqlBu+CPdnAjOKHvi0xHvhgivEYe//ZK8T+5IVaz/sHmFSei6CL8Hk=
x-amz-request-id: N1XN4ZQRXKRCQZEF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 13:51:23 GMT
age: 3164
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:44:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.cosmetiic.pt/
81.88.57.70200 OK 794 B IP 81.88.57.70:0
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6a92b5dc3fcd336f24ea57ea35ee7326
130e1669d0bc57cb3a986bd69fe37c5732e31dd8
01ca4ad1050d6dceb6c1495fce83128a8646d98117cd8dc4a447654543db5322
GET / HTTP/1.1
Host: www.cosmetiic.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cosmetiic.site/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:07 GMT
Server: Apache
Vary: Host
Last-Modified: Thu, 22 Sep 2022 10:22:45 GMT
Accept-Ranges: bytes
Content-Length: 794
Connection: close
Content-Type: text/html
Content-Language: pt
www.cosmetiic.pt/favicon.ico
81.88.57.70404 Not Found 209 B URL HTTP/1.1 www.cosmetiic.pt/favicon.ico
IP 81.88.57.70:0
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
GET /favicon.ico HTTP/1.1
Host: www.cosmetiic.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cosmetiic.pt/
HTTP/1.1 404 Not Found
Date: Tue, 04 Oct 2022 14:44:07 GMT
Server: Apache
Content-Length: 209
Connection: close
Content-Type: text/html; charset=iso-8859-1
courtesy.amen.pt/index.html
81.88.57.98302 Found 24 B URL HTTP/1.1 courtesy.amen.pt/index.html
IP 81.88.57.98:0
ASN #39729 Register S.p.A.
Hash 383279986f3168f37e8a9f4610cd248b
dbd64fa31f303f0162584b3068ea98ad64740cd8
652bc94d77c436a047679916304dc74547418b0d1f5853cf8a0615d78f6742bd
GET /index.html HTTP/1.1
Host: courtesy.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cosmetiic.pt/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 04 Oct 2022 14:44:07 GMT
Server: Apache
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24
Connection: close
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 14:29:33 GMT
Expires: Tue, 04 Oct 2022 14:31:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D2BiVNLYrN6MyJA8nEisHyTYHeDP-ynOGBMsEOyZ-K-OVZVRWtU6xg==
Age: 874
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash dec028287e2949639a87c7302c7d0715
a4a84b138d071efc568bff145f4569026fd5a717
bcfd3f99e806514289e3d9028960e47e718dc6bd1a93d9446ce1ea6ff6fa6c68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 04:49:35 GMT
Expires: Mon, 10 Oct 2022 04:49:34 GMT
Etag: "a4a84b138d071efc568bff145f4569026fd5a717"
Cache-Control: max-age=482125,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754eb19e88980b45-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6295
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:44:08 GMT
Last-Modified: Tue, 04 Oct 2022 12:59:13 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.126.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.126.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +vzqfeZ7Ng8m295nECNSUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tdRSelhioZtIgY0+laB/IcE7eQ4=
www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
81.88.58.199200 OK 7.4 kB URL HTTP/1.1 www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash b49a00605537fa2cd549806bad4697f6
49c2ef7eef30d1983ae41c613f072c241632d299
c0162ff1c103ffd873a58ad88a2ea840f82ea441172ebe9d06da6ea45a3ddac3
GET /pp-dr/?a=b&host=Y29zbWV0aWljLnB0 HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cosmetiic.pt/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Mon, 23 Nov 2020 15:34:03 GMT
Link: <https://www.amen.pt/wp-json/>; rel="https://api.w.org/", <https://www.amen.pt/wp-json/wp/v2/pages/955>; rel="alternate"; type="application/json", <https://www.amen.pt/?p=955>; rel=shortlink
Pragma: public
Strict-Transport-Security: max-age=15768000;
Content-Encoding: gzip
Content-Length: 7389
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
code.jquery.com/jquery-1.12.3.min.js?ver=1.12.3
69.16.175.10200 OK 34 kB URL HTTP/2 code.jquery.com/jquery-1.12.3.min.js?ver=1.12.3
IP 69.16.175.10:0
File type ASCII text, with very long lines (32029)
Hash beaa31f7f88eb05cb5e5bf01ce96dc18
4556f88a741898c3b87c39f22c7dae1a19c8c23b
b9b4822df88f4e406f7533efac270146997e0fb0e5b0bd58789e63a04eeda671
GET /jquery-1.12.3.min.js?ver=1.12.3 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:08 GMT
content-encoding: gzip
content-length: 33773
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-17b9c"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664894648.dop208.sk1.t,1664894648.cds066.sk1.hn,1664894648.cds202.sk1.c
X-Firefox-Spdy: h2
www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-amenpt-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
81.88.58.199200 OK 39 kB URL HTTP/1.1 www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-amenpt-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type Unicode text, UTF-8 text, with very long lines (29698)
Hash 93375de557ceb01a1eb9d3937001a684
6141cb8c503d3f5d8ccc75bcad92bbb0687e8e42
3e1165d16434d6fb69a79440356e13c37d6d1dbe76a143403f9881d1c1bc6ccd
GET /wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-amenpt-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css; charset=utf-8
Expires: Tue, 04 Oct 2022 09:10:27 GMT
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 08:02:14 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
Cache-Control: max-age=3600, public
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 39245
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
code.jquery.com/jquery-migrate-1.4.0.min.js?ver=1.4.0
69.16.175.10200 OK 3.9 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.4.0.min.js?ver=1.4.0
IP 69.16.175.10:0
File type ASCII text, with very long lines (9535)
Hash ecc013140f61a0669d8011c3dc34eb5d
f4caefb2a7b21b44ec3198fe22c5ffa39f2a124c
20f6a81ad924e778e9a060ef4af60e024f9481e087849ca88216fdc8fe708fa0
GET /jquery-migrate-1.4.0.min.js?ver=1.4.0 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:08 GMT
content-encoding: gzip
content-length: 3885
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-25a0"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664894648.dop208.sk1.t,1664894648.cds066.sk1.hn,1664894648.cds212.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.amen.pt/_css/base_buttons.css
81.88.58.199200 OK 3.7 kB URL HTTP/1.1 www.amen.pt/_css/base_buttons.css
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type ASCII text, with CRLF line terminators
Hash dcaf52796622f4468439b733ee966de2
9e6c27e1bb782454eec54a3c0ab9ee45d49ccde5
45fb84ac772e0079ca28233d13331f69508b87a457f24cb46abdac63dff43775
GET /_css/base_buttons.css HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-amenpt-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Strict-Transport-Security: max-age=15768000;
Content-Security-Policy: frame-ancestors 'self' https://*.amen.pt/
Vary: X-Forwarded-Proto,Accept-Encoding
Last-Modified: Fri, 16 Sep 2022 14:15:19 GMT
ETag: "6f5ccf17-55d9-5e8cbfde1ebc0"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Content-Length: 3730
Accept-Ranges: bytes, bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js,wp-content/themes/dada/asset/js/dada-marketing-automation.js,wp-content/themes/dada/asset/js/dada-tracking-standalone.js
81.88.58.199200 OK 1.3 kB URL HTTP/1.1 www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js,wp-content/themes/dada/asset/js/dada-marketing-automation.js,wp-content/themes/dada/asset/js/dada-tracking-standalone.js
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (409)
Hash 74b0aede813815cf33e0d1f4f07b6ed8
bbe6660be74d4acda2c0c478545e6ae283a086b3
7d39ed9ccccda035a76c539cd67d1590c9b5e4921dbe1bfc77db0f980209a43b
GET /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/script.min.js,wp-content/themes/dada/asset/js/dada-marketing-automation.js,wp-content/themes/dada/asset/js/dada-tracking-standalone.js HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/x-javascript; charset=utf-8
Expires: Tue, 04 Oct 2022 09:10:28 GMT
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 08:02:13 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
Cache-Control: max-age=3600, public
X-Frame-Options: SAMEORIGIN
Content-Length: 1300
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 02b99269e77389397ac76f564b8f52ca
cf9284d47b8c08b7aa313d71f869b446732365c5
1a38cca23dcd6642e0eaf0249ae469a43cff69cf0d6441763f9382449af76f7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 03:18:47 GMT
Expires: Sun, 09 Oct 2022 03:18:46 GMT
Etag: "cf9284d47b8c08b7aa313d71f869b446732365c5"
Cache-Control: max-age=390277,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754eb1a2cbd00b45-OSL
www.amen.pt/wp-content/themes/dada/asset/js/lib/jquery.cookie.js
81.88.58.199200 OK 1.5 kB URL HTTP/1.1 www.amen.pt/wp-content/themes/dada/asset/js/lib/jquery.cookie.js
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
Hash 6cf4dd81cfb6e636470374d748f3ec63
9b8521b3f1287dbfb939c466b917094bde16fbf3
44031f5cbe2c85d10d7cb1d2fc91eb602e12658988c7a78971902521ea984a15
GET /wp-content/themes/dada/asset/js/lib/jquery.cookie.js HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 19 Sep 2022 08:02:12 GMT
ETag: W/"63282204-c38"
Cache-Control: max-age=31536000, max-age=31536000, public
Expires: Wed, 04 Oct 2023 08:10:42 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 1456
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css,wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css
81.88.58.199200 OK 1.1 kB URL HTTP/1.1 www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css,wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (362)
Hash 6fb4b8de4b09bc2a14caeebc05bfa3e5
1ae4edcd60a985b7d0bb423fe6563695ef112bba
be455cc56f746001cd449af5ffcfe40d2e9d6df8696382fb66728f2de7713a8c
GET /wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wpml-cms-nav/res/css/cms-navigation-base.css,wp-content/plugins/wpml-cms-nav/res/css/cms-navigation.css HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css; charset=utf-8
Expires: Tue, 04 Oct 2022 09:10:28 GMT
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 08:02:14 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
Cache-Control: max-age=3600, public
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 1092
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/dada/asset/js/lib/jquery.mobile.touch.js,wp-includes/js/wp-embed.min.js,wp-content/themes/dada/asset/js/dada-www.js,wp-content/themes/dada/asset/js/dada-request-collector.js,wp-content/themes/dada/asset/js/dada-language.js
81.88.58.199200 OK 21 kB URL HTTP/1.1 www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-content/themes/dada/asset/js/lib/jquery.mobile.touch.js,wp-includes/js/wp-embed.min.js,wp-content/themes/dada/asset/js/dada-www.js,wp-content/themes/dada/asset/js/dada-request-collector.js,wp-content/themes/dada/asset/js/dada-language.js
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (6320)
Hash 502d2f319053702c1f8aa1fa75ef56c0
6b333ba824d2c4cb9b0eb4356eef5c99cc827472
21232688464cf7449144cf8af2d010eacfad1e2c44f823433f16daad4c3c8cf0
GET /wp-content/plugins/bwp-minify/min/?f=wp-content/themes/dada/asset/js/lib/jquery.mobile.touch.js,wp-includes/js/wp-embed.min.js,wp-content/themes/dada/asset/js/dada-www.js,wp-content/themes/dada/asset/js/dada-request-collector.js,wp-content/themes/dada/asset/js/dada-language.js HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/x-javascript; charset=utf-8
Expires: Tue, 04 Oct 2022 09:10:28 GMT
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 08:02:14 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
Cache-Control: max-age=3600, public
X-Frame-Options: SAMEORIGIN
Content-Length: 20999
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
cmp.teamblue.services/js/cmp_standalone.min.js
81.88.57.79200 OK 10 kB URL HTTP/1.1 cmp.teamblue.services/js/cmp_standalone.min.js
IP 81.88.57.79:0
ASN #39729 Register S.p.A.
File type HTML document, Unicode text, UTF-8 text, with very long lines (27376), with no line terminators
Hash 01c87ea9a98e8cdc802632b07fd48d81
68e3a0fe543e927b9d5a77653b2df6ab99b00f57
1e7f98ad32a722cdd2043129a85363b13b5e57096ba5df22282fa10e90bb1f26
GET /js/cmp_standalone.min.js HTTP/1.1
Host: cmp.teamblue.services
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:08 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Sep 2022 08:53:19 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"63282dff-6af1"
Expires: Mon, 03 Oct 2022 14:44:08 GMT
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Encoding: gzip
www.amen.pt/wp-content/uploads/2016/10/parking_Icon_02.png
81.88.58.199200 OK 959 B URL HTTP/1.1 www.amen.pt/wp-content/uploads/2016/10/parking_Icon_02.png
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash fcbab46186074a5da5b7020334dc2e4a
40613854806f2e746d7266c3b0b2bd5fee81ac66
2ee67eba3d4ba8702727f8b286a883b2763635f3d16cbd5341416075953f37b7
GET /wp-content/uploads/2016/10/parking_Icon_02.png HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Last-Modified: Tue, 11 Oct 2016 07:35:24 GMT
ETag: "57fc963c-3bf"
Cache-Control: max-age=31536000, max-age=31536000, public
Expires: Wed, 04 Oct 2023 08:11:27 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
X-Frame-Options: SAMEORIGIN
Content-Length: 959
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
www.amen.pt/wp-content/uploads/2016/10/parking_Icon_01.png
81.88.58.199200 OK 1.3 kB URL HTTP/1.1 www.amen.pt/wp-content/uploads/2016/10/parking_Icon_01.png
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type PNG image data, 110 x 110, 8-bit colormap, non-interlaced\012- data
Hash 366d2ed8132f6b4ea05eb2e06bd623ce
4b1e4112d672c946a57da6d1669b155ed7274721
bab98a0bc951ea3e14b11907d25b7c8b52afac5d3b7fc818e22733c52837d601
GET /wp-content/uploads/2016/10/parking_Icon_01.png HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Last-Modified: Tue, 11 Oct 2016 07:35:23 GMT
ETag: "57fc963b-52d"
Cache-Control: max-age=31536000, max-age=31536000, public
Expires: Wed, 04 Oct 2023 08:11:27 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
X-Frame-Options: SAMEORIGIN
Content-Length: 1325
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
www.amen.pt/_img/header/logo.png
81.88.58.199200 OK 3.0 kB URL HTTP/1.1 www.amen.pt/_img/header/logo.png
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type PNG image data, 158 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 60d4209076c84229a54a082b33e38f90
44db2aeac0c241d41e445a71bbe2cf0b52ee51ee
04f69012f7f5c318f70eca5a01e3f55cda6fcd9c7b452ec49dc9380c7179c729
GET /_img/header/logo.png HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache
Strict-Transport-Security: max-age=15768000;
Content-Security-Policy: frame-ancestors 'self' https://*.amen.pt/
Vary: X-Forwarded-Proto
Last-Modified: Tue, 09 Mar 2021 09:44:56 GMT
ETag: "6b38e282-b9e-5bd1767263384"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Content-Length: 2974
Accept-Ranges: bytes, bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
cmp.teamblue.services/js/cmp_all.min.js?v=1.0.36
81.88.57.79200 OK 34 kB URL HTTP/1.1 cmp.teamblue.services/js/cmp_all.min.js?v=1.0.36
IP 81.88.57.79:0
ASN #39729 Register S.p.A.
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash 2f3501cc087aa1409f1f69bbabc25749
469ba17df0e8492add7eed61740c91f66ff0c491
c242616e3b5265bd0d3abe955b9fb891505701972841afec1425695fa3f2a7af
GET /js/cmp_all.min.js?v=1.0.36 HTTP/1.1
Host: cmp.teamblue.services
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:08 GMT
Content-Type: application/javascript
Last-Modified: Mon, 26 Sep 2022 00:10:38 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"6330edfe-17f7e"
Access-Control-Allow-Methods: DELETE, GET, HEAD, POST, PUT, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.amen.pt/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
81.88.58.199200 OK 5.3 kB URL HTTP/1.1 www.amen.pt/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (11272)
Hash bd229439861ef80c0ca1544bec369523
2ca88131b2886b19eef9aa51a759d7a4033d3b79
9820419aa4c896ce97d9c318d7671aa5958de4445c063a1b84fa3eb9ed8fbff5
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1 HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: Mon, 19 Sep 2022 08:02:14 GMT
ETag: W/"63282206-3795"
Cache-Control: max-age=31536000, max-age=31536000, public
Expires: Wed, 04 Oct 2023 08:10:43 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 5269
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.amen.pt/wp-content/themes/dada/asset/fonts/dadaiconfont.woff
81.88.58.199200 OK 17 kB URL HTTP/1.1 www.amen.pt/wp-content/themes/dada/asset/fonts/dadaiconfont.woff
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type Web Open Font Format, CFF, length 17272, version 1.0\012- data
Hash ed4446a1d025e7a037bdcb6a0a260884
5bcbba5dc1a23c75d0d0332f3ea4b4932f66a838
3c7538979141f84163dac40ce27d4c79e6610b6c65586f98a72071f2ccb5691b
GET /wp-content/themes/dada/asset/fonts/dadaiconfont.woff HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.amen.pt/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/themes/dada/style.css,wp-content/themes/dada-amenpt-child/style.css,wp-content/themes/dada/asset/css/dadaiconfont.css,wp-content/plugins/ht-knowledge-base/css/hkb-style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/font-woff
Last-Modified: Mon, 19 Sep 2022 08:02:12 GMT
ETag: "63282204-4378"
Cache-Control: max-age=31536000, max-age=31536000, public
Expires: Wed, 04 Oct 2023 08:10:43 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
X-Frame-Options: SAMEORIGIN
Content-Length: 17272
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:09 GMT
www.amen.pt/wp-content/uploads/2016/10/CrossBanner_website_001.jpg
81.88.58.199200 OK 176 kB URL HTTP/1.1 www.amen.pt/wp-content/uploads/2016/10/CrossBanner_website_001.jpg
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x600, components 3\012- data
Size 176 kB (176279 bytes)
Hash 4533ea3eb3798a43cfbcb51ab00ff10d
f054d9e99fe3fa282f59f7f01a3576d0478f0696
288c6793b3bc4a1a0cbdbac39575240b4658b272a098551593e62add15a406b1
GET /wp-content/uploads/2016/10/CrossBanner_website_001.jpg HTTP/1.1
Host: www.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/pp-dr/?a=b&host=Y29zbWV0aWljLnB0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/jpeg
Last-Modified: Tue, 11 Oct 2016 07:35:01 GMT
ETag: "57fc9625-2b097"
Cache-Control: max-age=31536000, max-age=31536000, public
Expires: Wed, 04 Oct 2023 08:11:29 GMT
Pragma: public
Strict-Transport-Security: max-age=15768000;
X-Frame-Options: SAMEORIGIN
Content-Length: 176279
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 14:44:08 GMT
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,300italic,400italic
142.250.74.10200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,300italic,400italic
IP 142.250.74.10:0
Hash ec79b15d7af7f0c20a80b4814709b680
e0fb59c2f4b9def9b89a7bdd5ed7505c77f82086
5b0275c57a5aae66b4e1e15b03ec4a662e07ad5d91cf7a1455fad1d7cdebd659
GET /css?family=Source+Sans+Pro:300,400,600,300italic,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 14:44:08 GMT
date: Tue, 04 Oct 2022 14:44:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amen.pt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:28:31 GMT
expires: Thu, 28 Sep 2023 19:28:31 GMT
cache-control: public, max-age=31536000
age: 501338
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WH9LDRH
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WH9LDRH
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 61583a42f8a160f7395246d5bd1a1d5a
659bbcc12a402df9de4d7687f511a88944a62476
7541391b83eb710ad9410e38cdbff4098740e066ba34f34708110c5599f7cce2
GET /gtm.js?id=GTM-WH9LDRH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 14:44:09 GMT
expires: Tue, 04 Oct 2022 14:44:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amen.pt
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:26:57 GMT
expires: Thu, 28 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 501432
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent.cookiebot.com/uc.js?v=1.0.36
184.31.15.144200 OK 32 kB URL HTTP/2 consent.cookiebot.com/uc.js?v=1.0.36
IP 184.31.15.144:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash 3c4e162c3321e924fd3d27dc6d095f08
9d2027cab49aaf66a89a521c16133ba818ff3d9d
425713b3dc09882376e466e3e6798ade37f8262d82138cf0e11ecbe92e2d565b
GET /uc.js?v=1.0.36 HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 09:02:48 GMT
accept-ranges: bytes
etag: "0ac913d0d7d81:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 31718
cache-control: public, max-age=715
expires: Tue, 04 Oct 2022 14:56:04 GMT
date: Tue, 04 Oct 2022 14:44:09 GMT
X-Firefox-Spdy: h2
trk.amen.pt/js/skeletor.js
81.88.58.199200 OK 13 kB URL HTTP/1.1 trk.amen.pt/js/skeletor.js
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
File type HTML document, Unicode text, UTF-8 text, with very long lines (35590), with no line terminators
Hash 6d638635c23814d88569f2e74771f2cc
20fdca5e3883aa77b72e92cb2e0ddb52ef56f9b9
399054fef2663d7c9b5cde186c9dc750d6a78c478e4b6f70ec754d44da8daf5a
GET /js/skeletor.js HTTP/1.1
Host: trk.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:09 GMT
Content-Type: application/javascript
Last-Modified: Thu, 29 Sep 2022 14:28:59 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
ETag: W/"6335abab-8b07"
Expires: Mon, 03 Oct 2022 14:44:09 GMT
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Content-Encoding: gzip
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash e7268eccad39bd651697fa793a52cc5c
47299cefa2397b0c1d0c5bf232390a5cf1bcc4d3
907e16c84d35556e4ed841a3511915e6d4bb4e9d68cfca178a740e90b4d80e35
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31175407
expires: Sat, 30 Sep 2023 10:34:16 GMT
date: Tue, 04 Oct 2022 14:44:09 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 14:41:09 GMT
expires: Tue, 04 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 180
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
v2.zopim.com/?1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD
104.16.107.139302 Found 71 kB URL HTTP/2 v2.zopim.com/?1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD
IP 104.16.107.139:0
File type gzip compressed data, from Unix\012- data
Hash f712ba9650388482ed12ccb1c6f59c0e
a85feede77618e9ae877298ac6706223a986ee70
bf9650bb562cba1032e8ec39f301b5a9b6d0bdd2070464bfe1edfeda17c372f0
GET /?1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 04 Oct 2022 14:44:09 GMT
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb1a578cdb4eb-OSL
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/consentconfig/9e8923a7-3cfc-4727-aae6-30e87ba34f67/state.js
104.110.3.72200 OK 50 B URL HTTP/2 consentcdn.cookiebot.com/consentconfig/9e8923a7-3cfc-4727-aae6-30e87ba34f67/state.js
IP 104.110.3.72:0
File type ASCII text, with no line terminators
Hash 11162cf300c563c78b68778aba71c14b
61a397c20a7867448b1beda7a314a298555862b8
aa5aeeb724c2185d46aed9abd8a3cf57c1e0399a90deb7c69ebcf2b36b04d9aa
GET /consentconfig/9e8923a7-3cfc-4727-aae6-30e87ba34f67/state.js HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "8fabfd3bb9b067b11ad664181b30fa66:1615390929.633141"
last-modified: Wed, 10 Mar 2021 15:42:09 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 50
cache-control: max-age=16399
expires: Tue, 04 Oct 2022 19:17:28 GMT
date: Tue, 04 Oct 2022 14:44:09 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
trk.amen.pt/server/he-man_server?tkq=dHJrQ19lU0YlM0R3d3cuYW1lbi5wdCUyNTJGcHAtZHIlMjUyRiUyNnRya0NfZVNVQiUzRHd3dy5hbWVuLnB0JTI2Y0RPTSUzRC5hbWVuLnB0JTI2dHJrQ19lSFIlM0RodHRwJTI1M0ElMjUyRiUyNTJGd3d3LmNvc21ldGlpYy5wdCUyNTJGJTI2dHJrQ19lVUElM0RNb3ppbGxhJTI1MkY1LjAlMjUyMCUyOFgxMSUyNTNCJTI1MjBMaW51eCUyNTIweDg2XzY0JTI1M0IlMjUyMHJ2JTI1M0E5Ni4wJTI5JTI1MjBHZWNrbyUyNTJGMjAxMDAxMDElMjUyMEZpcmVmb3glMjUyRjk2LjAlMjZ0cmtDX2xhbiUzRGVuJTI2dHJrQ19lUVMlM0RhJTI1M0RiJTI1MjZob3N0JTI1M0RZMjl6YldWMGFXbGpMbkIwJTI2dHJrQ19mcmFnbWVudCUzRCUyNmVQQUdWQVJTJTNEYldFbE0wUXhKVEkyZEhKclExOXNiMmRuWldRbE0wUXdKVEkyZEhKclExOW9ZWE5vSlRORU1UWTJORGc1TkRZME9EZzFOMTluT0hweGVUVnRaR2hyZEY5d2EyOXZhSEVsTWpaMGNtdERYM0J5Y1NVelJEQWxNalowY210RFgyVlJVeVV6UkdFbE1qVXpSR0lsTWpVeU5taHZjM1FsTWpVelJGa3lPWHBpVjFZd1lWZHNha3h1UWpBJTI1M0QlMjZ0cmtfaW50ZXJuYWwlM0RmYWxzZSUyNnNldE1haW5Db29raWVzJTNEdHJ1ZQ==
81.88.58.199200 OK 0 B URL HTTP/1.1 trk.amen.pt/server/he-man_server?tkq=dHJrQ19lU0YlM0R3d3cuYW1lbi5wdCUyNTJGcHAtZHIlMjUyRiUyNnRya0NfZVNVQiUzRHd3dy5hbWVuLnB0JTI2Y0RPTSUzRC5hbWVuLnB0JTI2dHJrQ19lSFIlM0RodHRwJTI1M0ElMjUyRiUyNTJGd3d3LmNvc21ldGlpYy5wdCUyNTJGJTI2dHJrQ19lVUElM0RNb3ppbGxhJTI1MkY1LjAlMjUyMCUyOFgxMSUyNTNCJTI1MjBMaW51eCUyNTIweDg2XzY0JTI1M0IlMjUyMHJ2JTI1M0E5Ni4wJTI5JTI1MjBHZWNrbyUyNTJGMjAxMDAxMDElMjUyMEZpcmVmb3glMjUyRjk2LjAlMjZ0cmtDX2xhbiUzRGVuJTI2dHJrQ19lUVMlM0RhJTI1M0RiJTI1MjZob3N0JTI1M0RZMjl6YldWMGFXbGpMbkIwJTI2dHJrQ19mcmFnbWVudCUzRCUyNmVQQUdWQVJTJTNEYldFbE0wUXhKVEkyZEhKclExOXNiMmRuWldRbE0wUXdKVEkyZEhKclExOW9ZWE5vSlRORU1UWTJORGc1TkRZME9EZzFOMTluT0hweGVUVnRaR2hyZEY5d2EyOXZhSEVsTWpaMGNtdERYM0J5Y1NVelJEQWxNalowY210RFgyVlJVeVV6UkdFbE1qVXpSR0lsTWpVeU5taHZjM1FsTWpVelJGa3lPWHBpVjFZd1lWZHNha3h1UWpBJTI1M0QlMjZ0cmtfaW50ZXJuYWwlM0RmYWxzZSUyNnNldE1haW5Db29raWVzJTNEdHJ1ZQ==
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server/he-man_server?tkq=dHJrQ19lU0YlM0R3d3cuYW1lbi5wdCUyNTJGcHAtZHIlMjUyRiUyNnRya0NfZVNVQiUzRHd3dy5hbWVuLnB0JTI2Y0RPTSUzRC5hbWVuLnB0JTI2dHJrQ19lSFIlM0RodHRwJTI1M0ElMjUyRiUyNTJGd3d3LmNvc21ldGlpYy5wdCUyNTJGJTI2dHJrQ19lVUElM0RNb3ppbGxhJTI1MkY1LjAlMjUyMCUyOFgxMSUyNTNCJTI1MjBMaW51eCUyNTIweDg2XzY0JTI1M0IlMjUyMHJ2JTI1M0E5Ni4wJTI5JTI1MjBHZWNrbyUyNTJGMjAxMDAxMDElMjUyMEZpcmVmb3glMjUyRjk2LjAlMjZ0cmtDX2xhbiUzRGVuJTI2dHJrQ19lUVMlM0RhJTI1M0RiJTI1MjZob3N0JTI1M0RZMjl6YldWMGFXbGpMbkIwJTI2dHJrQ19mcmFnbWVudCUzRCUyNmVQQUdWQVJTJTNEYldFbE0wUXhKVEkyZEhKclExOXNiMmRuWldRbE0wUXdKVEkyZEhKclExOW9ZWE5vSlRORU1UWTJORGc1TkRZME9EZzFOMTluT0hweGVUVnRaR2hyZEY5d2EyOXZhSEVsTWpaMGNtdERYM0J5Y1NVelJEQWxNalowY210RFgyVlJVeVV6UkdFbE1qVXpSR0lsTWpVeU5taHZjM1FsTWpVelJGa3lPWHBpVjFZd1lWZHNha3h1UWpBJTI1M0QlMjZ0cmtfaW50ZXJuYWwlM0RmYWxzZSUyNnNldE1haW5Db29raWVzJTNEdHJ1ZQ== HTTP/1.1
Host: trk.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Set-Cookie: _wicasa=JSON_eyJjaWQiOiJlMDEzZDljNzIxNDUwMGNmODQwY2FhMDAwNDUyN2ZlZSIsImNrdGltZSI6IjE2NjQ4OTQ2NDkiLCJzY3AiOiIxIiwicGsiOiJSMDEiLCJja2Jvcm4iOiIxNjY0ODk0NjQ5IiwibGFzdHJlZiI6Ind3dy5hbWVuLnB0XC9wcC1kclwvIiwibGFzdGRvbXNyYyI6IiIsImlzY2xpIjoiMCJ9; expires=Mon, 02-Jan-2023 14:44:09 GMT; Max-Age=7776000; path=/; Secure; SameSite=None; domain=amen.pt
_ashkii=JSON_eyJzaWQiOiJlMDEzZDljNzIxNDUwMGNmODQwY2FhMDAwNDUyN2ZlZSIsImNrdGltZSI6IjE2NjQ4OTQ2NDkiLCJzc3AiOiIxIiwicHAiOiJSMDEifQ%3D%3D; path=/; Secure; SameSite=None; domain=amen.pt
cookid=e013d9c7214500cf840caa0004527fee; expires=Mon, 02-Jan-2023 14:44:09 GMT; Max-Age=7776000; path=/; Secure; SameSite=None; domain=amen.pt
dbmFP=e013d9c7214500cf840caa0004527fee.R01; expires=Mon, 02-Jan-2023 14:44:09 GMT; Max-Age=7776000; path=/; Secure; SameSite=None; domain=amen.pt
dbmPK=e013d9c7214500cf840caa0004527fee.R01; expires=Mon, 02-Jan-2023 14:44:09 GMT; Max-Age=7776000; path=/; Secure; SameSite=None; domain=amen.pt
Access-Control-Allow-Methods: DELETE, GET, HEAD, POST, PUT, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
Access-Control-Allow-Credentials: true
v2.zopim.com/w?1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD
104.16.107.139302 Found 0 B URL HTTP/2 v2.zopim.com/w?1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD
IP 104.16.107.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w?1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 04 Oct 2022 14:44:09 GMT
content-type: application/octet-stream
content-length: 0
location: https://v2.zopim.com/bin/v/widget_v2.334.js
etag: "62e9bace-0"
expires: Tue, 04 Oct 2022 18:44:09 GMT
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 754eb1a87c71b4eb-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8958
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8958
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8958
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:44:09 GMT
Connection: keep-alive
ekr.zdassets.com/compose/zopim_chat/1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD
104.18.72.113200 OK 153 B URL HTTP/2 ekr.zdassets.com/compose/zopim_chat/1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD
IP 104.18.72.113:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4a3943d7b3ebb063686da7c6b0a23a14
525d33f6f4d65e428c799bd22453edecf02a3713
d3398cc31ba28e2099a71f94afb46be9be774f15634f992482d97655c8c0859b
GET /compose/zopim_chat/1v1kfYs3b7qVZcCd07BZmhMsO1q5ivlD HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amen.pt
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:09 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
etag: W/"1dc11ecab201d1aa35478e22aa048aee"
x-request-id: 24418a1b183b401e3e10faaa29000297, 24418a1b183b401e3e10faaa29000297
x-runtime: 0.005025
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbCjlRAs8uCTBs2lC1BQDJ8mvv8FJ6YXu63dHIBY5dnzqMWu81S1QQRSvx6%2FVXNgedsNLS%2B1gFwbrUIhJHtjjx4juhVzF3szY%2F2vHCGWk%2B%2Bgl5j3rbqJDzLLS3lDhPmrDa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 754eb1a65c45b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8958
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8958
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:44:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 61174
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61189
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62719b24a32198c6f462a0a0412ac98
d893d8035379e06e53e365b9f47f5da40bff932b
ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7ZaoEBhn_F_zDvoalcEpb4PtdGMuU9stAktSCviy5SsaaBaxYUJ6Fg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61189
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 61176
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 61189
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 36078
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trk.amen.pt/messages/he-man_messages?tke=JTdCJTIyaGFzaCUyMiUzQSUyMjE2NjQ4OTQ2NDg4NTdfZzh6cXk1bWRoa3RfcGtvb2hxJTIyJTJDJTIyZG9tYWluJTIyJTNBJTIyYW1lbi5wdCUyMiUyQyUyMmZpZWxkJTIyJTNBJTIycGVyZm9ybWFuY2UlMjIlMkMlMjJtb2RlJTIyJTNBJTIyc2V0JTIyJTJDJTIybWVzc2FnZSUyMiUzQSU3QiUyMnRpbWluZ3MlMjIlM0ElN0IlMjJwYWdlTG9hZFRpbWUlMjIlM0ExODQ0JTJDJTIyY29ubmVjdFRpbWUlMjIlM0E0ODAlMkMlMjJyZW5kZXJUaW1lJTIyJTNBODg3JTdEJTJDJTIycmVzb3VyY2VzJTIyJTNBJTdCJTIybnVtYmVyJTIyJTNBMzUlMkMlMjJzaXplJTIyJTNBMzk5Njc0JTdEJTJDJTIycGFnZSUyMiUzQSUyMnd3dy5hbWVuLnB0L3BwLWRyLyUyMiUyQyUyMnVzZXJfYWdlbnQlMjIlM0ElMjJNb3ppbGxhLzUuMCUyMCUyOFgxMSUzQiUyMExpbnV4JTIweDg2XzY0JTNCJTIwcnYlM0E5Ni4wJTI5JTIwR2Vja28vMjAxMDAxMDElMjBGaXJlZm94Lzk2LjAlMjIlN0QlN0Q=
81.88.58.199200 OK 0 B URL HTTP/1.1 trk.amen.pt/messages/he-man_messages?tke=JTdCJTIyaGFzaCUyMiUzQSUyMjE2NjQ4OTQ2NDg4NTdfZzh6cXk1bWRoa3RfcGtvb2hxJTIyJTJDJTIyZG9tYWluJTIyJTNBJTIyYW1lbi5wdCUyMiUyQyUyMmZpZWxkJTIyJTNBJTIycGVyZm9ybWFuY2UlMjIlMkMlMjJtb2RlJTIyJTNBJTIyc2V0JTIyJTJDJTIybWVzc2FnZSUyMiUzQSU3QiUyMnRpbWluZ3MlMjIlM0ElN0IlMjJwYWdlTG9hZFRpbWUlMjIlM0ExODQ0JTJDJTIyY29ubmVjdFRpbWUlMjIlM0E0ODAlMkMlMjJyZW5kZXJUaW1lJTIyJTNBODg3JTdEJTJDJTIycmVzb3VyY2VzJTIyJTNBJTdCJTIybnVtYmVyJTIyJTNBMzUlMkMlMjJzaXplJTIyJTNBMzk5Njc0JTdEJTJDJTIycGFnZSUyMiUzQSUyMnd3dy5hbWVuLnB0L3BwLWRyLyUyMiUyQyUyMnVzZXJfYWdlbnQlMjIlM0ElMjJNb3ppbGxhLzUuMCUyMCUyOFgxMSUzQiUyMExpbnV4JTIweDg2XzY0JTNCJTIwcnYlM0E5Ni4wJTI5JTIwR2Vja28vMjAxMDAxMDElMjBGaXJlZm94Lzk2LjAlMjIlN0QlN0Q=
IP 81.88.58.199:0
ASN #39729 Register S.p.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /messages/he-man_messages?tke=JTdCJTIyaGFzaCUyMiUzQSUyMjE2NjQ4OTQ2NDg4NTdfZzh6cXk1bWRoa3RfcGtvb2hxJTIyJTJDJTIyZG9tYWluJTIyJTNBJTIyYW1lbi5wdCUyMiUyQyUyMmZpZWxkJTIyJTNBJTIycGVyZm9ybWFuY2UlMjIlMkMlMjJtb2RlJTIyJTNBJTIyc2V0JTIyJTJDJTIybWVzc2FnZSUyMiUzQSU3QiUyMnRpbWluZ3MlMjIlM0ElN0IlMjJwYWdlTG9hZFRpbWUlMjIlM0ExODQ0JTJDJTIyY29ubmVjdFRpbWUlMjIlM0E0ODAlMkMlMjJyZW5kZXJUaW1lJTIyJTNBODg3JTdEJTJDJTIycmVzb3VyY2VzJTIyJTNBJTdCJTIybnVtYmVyJTIyJTNBMzUlMkMlMjJzaXplJTIyJTNBMzk5Njc0JTdEJTJDJTIycGFnZSUyMiUzQSUyMnd3dy5hbWVuLnB0L3BwLWRyLyUyMiUyQyUyMnVzZXJfYWdlbnQlMjIlM0ElMjJNb3ppbGxhLzUuMCUyMCUyOFgxMSUzQiUyMExpbnV4JTIweDg2XzY0JTNCJTIwcnYlM0E5Ni4wJTI5JTIwR2Vja28vMjAxMDAxMDElMjBGaXJlZm94Lzk2LjAlMjIlN0QlN0Q= HTTP/1.1
Host: trk.amen.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Cookie: _wicasa=JSON_eyJjaWQiOiJlMDEzZDljNzIxNDUwMGNmODQwY2FhMDAwNDUyN2ZlZSIsImNrdGltZSI6IjE2NjQ4OTQ2NDkiLCJzY3AiOiIxIiwicGsiOiJSMDEiLCJja2Jvcm4iOiIxNjY0ODk0NjQ5IiwibGFzdHJlZiI6Ind3dy5hbWVuLnB0XC9wcC1kclwvIiwibGFzdGRvbXNyYyI6IiIsImlzY2xpIjoiMCJ9; _ashkii=JSON_eyJzaWQiOiJlMDEzZDljNzIxNDUwMGNmODQwY2FhMDAwNDUyN2ZlZSIsImNrdGltZSI6IjE2NjQ4OTQ2NDkiLCJzc3AiOiIxIiwicHAiOiJSMDEifQ%3D%3D; cookid=e013d9c7214500cf840caa0004527fee; dbmFP=e013d9c7214500cf840caa0004527fee.R01; dbmPK=e013d9c7214500cf840caa0004527fee.R01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:44:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Methods: DELETE, GET, HEAD, POST, PUT, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, X-XSRF-TOKEN
Access-Control-Allow-Credentials: true
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash dcdc91f132f0d0c236ad764b126f9285
9b6033b4f0d103f8617c1d6573115b58d1536f4e
761403d182a6a67e82186e5895894a3a0e3cefd0cc5083a060c6b2fa04e5e15c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 14:44:10 GMT
Last-Modified: Tue, 04 Oct 2022 13:56:47 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mWF1Nfyo5DFIKPxM9cYhjtamNFIuOpYRRqoGhpWhTKoPRZWs9F07rA==
Age: 2843
widget-mediator.zopim.com/s/W/ws/HHAegpaZ9KBgfUem/c/1664894649385
18.185.150.199101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/HHAegpaZ9KBgfUem/c/1664894649385
IP 18.185.150.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/HHAegpaZ9KBgfUem/c/1664894649385 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.amen.pt
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5q/KqBj2w6tYZ/iUYOZlhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 04 Oct 2022 14:44:10 GMT
Connection: upgrade
Set-Cookie: AWSALB=I7siDV7HA3I1fFmi26s0s9jM8NB+gOlbroy2kq+DpZxB9RyBmIH069a074XZICslhKCrjBN7P7FaR/RZwThqtAc5OG6c/LWhWHZwS8eSHDRur5I0HspTM6RlQFbv; Expires=Tue, 11 Oct 2022 14:44:10 GMT; Path=/
AWSALBCORS=I7siDV7HA3I1fFmi26s0s9jM8NB+gOlbroy2kq+DpZxB9RyBmIH069a074XZICslhKCrjBN7P7FaR/RZwThqtAc5OG6c/LWhWHZwS8eSHDRur5I0HspTM6RlQFbv; Expires=Tue, 11 Oct 2022 14:44:10 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: t6SRRxsGH+m3isIdlPk/pB1A48I=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
v2.zopim.com/widget/images/avatar_simple_visitor.png
104.16.107.139200 OK 638 B URL HTTP/2 v2.zopim.com/widget/images/avatar_simple_visitor.png
IP 104.16.107.139:0
File type PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced\012- data
Hash 3fac65d78e7f62804a6ca574c2a3bbd9
2baeb6d302f26c89e6265dd648868c8247561597
59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c
GET /widget/images/avatar_simple_visitor.png HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:10 GMT
content-type: image/png
content-length: 638
cache-control: public, max-age=604800
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1922
etag: "58b8006b-782"
expires: Tue, 11 Oct 2022 14:44:10 GMT
last-modified: Thu, 02 Mar 2017 11:22:19 GMT
cf-cache-status: HIT
age: 44404
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754eb1ad9a72b4eb-OSL
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 10341400
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754eb1a24cd7b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js?ver=3.3.6
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js?ver=3.3.6
IP 104.18.10.207:0
GET /bootstrap/3.3.6/js/bootstrap.min.js?ver=3.3.6 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:42:07
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 5422960a90bb1006ff10e717d3a4f5cf
cdn-cache: HIT
cf-cache-status: HIT
age: 14204383
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754eb1a24cddb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zdassets.com/ekr/asset_composer.js
104.18.72.113200 OK 0 B URL HTTP/2 static.zdassets.com/ekr/asset_composer.js
IP 104.18.72.113:0
GET /ekr/asset_composer.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amen.pt/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:09 GMT
content-type: application/javascript
x-amz-id-2: dUZfshkH6s6HIQA7+U0tDhX+A5i1VSOF0AP1wrYwttudGl3FDx99SpKMnalxiwyFmxN4PZcqRnA=
x-amz-request-id: Y9E1NT7ZVNF7R3ZX
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: 57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
cf-cache-status: HIT
age: 16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZl2c2TpVu0IyXmCrSO95cMs7ObHtzt%2B%2BOOzQeo2Qe5OpHLQ3FZfBs2OpUoUl%2Be5Xp36LOlcme7swUOA0kSeEJC%2FGPHVJJnrHNFy5b3fxjXVpl3L8E04HTlbRcCpHdq8VYn6JAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 754eb1a5e9491bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
v2.zopim.com/lib/20220727.033422/__$$__stringtable_lang_pt.js
104.16.107.139200 OK 0 B URL HTTP/2 v2.zopim.com/lib/20220727.033422/__$$__stringtable_lang_pt.js
IP 104.16.107.139:0
GET /lib/20220727.033422/__$$__stringtable_lang_pt.js HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:09 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 27 Jul 2022 03:35:16 GMT
vary: Accept-Encoding
etag: W/"62e0b274-1657"
expires: Fri, 01 Oct 2032 14:44:09 GMT
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: HIT
age: 43223
server: cloudflare
cf-ray: 754eb1aa0e17b4eb-OSL
X-Firefox-Spdy: h2
v2.zopim.com/bin/v/widget_v2.334.js
104.16.107.139200 OK 0 B URL HTTP/2 v2.zopim.com/bin/v/widget_v2.334.js
IP 104.16.107.139:0
GET /bin/v/widget_v2.334.js HTTP/1.1
Host: v2.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amen.pt/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:09 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 27 Jul 2022 03:35:19 GMT
vary: Accept-Encoding
etag: W/"62e0b277-10301f"
expires: Fri, 01 Oct 2032 14:44:09 GMT
cache-control: public, max-age=315360000
content-encoding: gzip
cf-cache-status: HIT
age: 44399
server: cloudflare
cf-ray: 754eb1a8ccdab4eb-OSL
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amen.pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 14:44:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 02/17/2022 20:27:53
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 441a5c346e6138207e493340368ec0b9
cdn-cache: HIT
cf-cache-status: HIT
age: 10341009
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754eb1a22cc1b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2