r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4987
Expires: Thu, 27 Oct 2022 15:11:57 GMT
Date: Thu, 27 Oct 2022 13:48:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2086
Cache-Control: max-age=159425
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:50 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 10:05:55 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5062
Cache-Control: max-age=162401
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:50 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 10:55:31 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3336
Expires: Thu, 27 Oct 2022 14:44:26 GMT
Date: Thu, 27 Oct 2022 13:48:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 27 Oct 2022 13:41:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a2118f1c410caf604832e227d60598a
1fd90362314441d89e06ff0b9d9c2985178ea7fd
8698246366f75918cc056cd8b2e108ecf5183e44947634af9ffed1f766d9ed5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8698246366F75918CC056CD8B2E108ECF5183E44947634AF9FFED1F766D9ED5C"
Last-Modified: Tue, 25 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21101
Expires: Thu, 27 Oct 2022 19:40:31 GMT
Date: Thu, 27 Oct 2022 13:48:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Oa1qtAb6XDc7h7Ie5GzXXN3Q0x11+A3So9OMftqv2rKKTUyl8XDebrOtCGhUQtxlef7DQUJ7ve07Q0H1bEbE2g==
x-amz-request-id: 3DZDMCRJYRJDAA97
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 13:09:50 GMT
age: 2340
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 13:48:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
164.92.67.94 200 OK 23 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text
Hash 04cd0b2ef7144399f754f2863d9763d4
70f85f34817bb7b4b5da703c50710ddaaf7392b6
886963e4519514368db5188ba1c02a4cd163f28494f55139208a6bd8e8eed4ea
Analyzer Verdict Alert openphish Visa International Service Association
fortinet Phishing
GET /etapa3.php?27.Oct.2022.00.41.05 HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:50 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22846
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fc2bd42f015b8ae0720e576730ea077
80336adcf9c56e449ce0f5d70a0cf307b1f5efc0
d6cdb569693d45617b3d6faa0ddab2c2787d175b3821c442f30bc248087e5654
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6CDB569693D45617B3D6FAA0DDAB2C2787D175B3821C442F30BC248087E5654"
Last-Modified: Wed, 26 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4669
Expires: Thu, 27 Oct 2022 15:06:39 GMT
Date: Thu, 27 Oct 2022 13:48:50 GMT
Connection: keep-alive
static-resource.com/newapi/api?sourceId=1009&key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8020x&stub=61615&out=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&fic=1
185.117.89.7 200 OK 67 B URL HTTP/1.1 static-resource.com/newapi/api?sourceId=1009&key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8020x&stub=61615&out=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&fic=1
IP 185.117.89.7:0
File type ASCII text, with no line terminators
Hash 39566affdb81180e39c9f8bc458737bf
bf71d14134c383495fe4833cf431801bb72b896c
763691c502acc35150264aa89600ca83d4811cc1744ebcedc72267f51d0bb0e8
GET /newapi/api?sourceId=1009&key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8020x&stub=61615&out=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&fic=1 HTTP/1.1
Host: static-resource.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: application/javascript
Content-Length: 67
Connection: keep-alive
Set-Cookie: _la=1666878531; Secure; SameSite=None
Set-Cookie: _lt=0; Secure; SameSite=None
Referrer-Policy: no-referrer
vaidevisago.siteprofissional.com/style/jquery.mask.js
164.92.67.94 200 OK 5.4 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/style/jquery.mask.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
Hash 30f566290c6e596c1b52e74303d00c5b
ac50d66678873b348d1d3f83f5183c3b7d3394ea
f92d4886c7a4d6c98df3a5de84c496bcf0fe13918bb493d2e179ac64f12b693f
Analyzer Verdict Alert fortinet Phishing
GET /style/jquery.mask.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "4e98-5ebde92797757-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5395
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
static-resource.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8020x
185.117.89.7 200 OK 3.8 kB URL HTTP/1.1 static-resource.com/js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8020x
IP 185.117.89.7:0
Hash 23d5dcd2f24dab6a775ef8b3edea7b90
d7350496d00d373946b65ac88f85d75ac53e57dc
0cdec76497258f0b3002ff2c5e4c833f1a5bbf7cf78f5629f62211825ca8fdd9
GET /js/int.js?key=5f688b18da187d591a1d8d3ae7ae8fd008cd7871&uid=8020x HTTP/1.1
Host: static-resource.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 27 Oct 2022 13:48:51 GMT
Referrer-Policy: no-referrer
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=visa/br-vdv/201909250907&cb=1572421480540
23.38.200.249 200 OK 2 B URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=visa/br-vdv/201909250907&cb=1572421480540
IP 23.38.200.249:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=visa/br-vdv/201909250907&cb=1572421480540 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
cache-control: max-age=600
expires: Thu, 27 Oct 2022 13:58:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.29.js?utv=ut4.46.201809171950
23.38.200.249 200 OK 1.1 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.29.js?utv=ut4.46.201809171950
IP 23.38.200.249:0
File type ASCII text, with very long lines (1071)
Hash 93ef61e93ce02e4354d4a6aefa4def3c
91c0e94d452145ecb4342e22145a54f9260dc2d7
22ea158a2da39115567d20d27a8e28c7168787b2909f93c36fca17a9c2f05521
GET /utag/visa/br-vdv/prod/utag.29.js?utv=ut4.46.201809171950 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d24cc2ffaeda5cedad017a06cc16da77:1606470934.833988"
last-modified: Fri, 27 Nov 2020 09:55:34 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 1143
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.104.js?utv=ut4.46.201811291719
23.38.200.249 200 OK 1.6 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.104.js?utv=ut4.46.201811291719
IP 23.38.200.249:0
File type ASCII text, with very long lines (995)
Hash 34b0acfd2b81e1aa6ade443a05691f31
b7813abd450d93b8461ff5d2013af386eadaff50
f2cc447f9cb6f0668c9ca602141e8f7f22477fab0270b626fc958b981ff56c30
GET /utag/visa/br-vdv/prod/utag.104.js?utv=ut4.46.201811291719 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ab2cec45544ffedb2a9f2ed5abe93c4e:1606470922.732444"
last-modified: Fri, 27 Nov 2020 09:55:22 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 1635
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.93.js?utv=ut4.46.201908220846
23.38.200.249 200 OK 3.5 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.93.js?utv=ut4.46.201908220846
IP 23.38.200.249:0
File type ASCII text, with very long lines (1214)
Hash bb08975b6666de58dcb23b6769a7394c
6742909758309b5e538c431e582a910a7dc62386
58254e060de370b2ee51a0d990f28c916f9ee92821373884333b2e73f39a7c27
GET /utag/visa/br-vdv/prod/utag.93.js?utv=ut4.46.201908220846 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ee02d3cdf2f2152933c895825bb2eef2:1606470933.995466"
last-modified: Fri, 27 Nov 2020 09:55:33 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 3475
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.91.js?utv=ut4.46.201810252003
23.38.200.249 200 OK 2.4 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.91.js?utv=ut4.46.201810252003
IP 23.38.200.249:0
File type ASCII text, with very long lines (1496)
Hash fcebd5cacfa7dedec7d6c5a8623419da
b2c0fbc94dd9734a4a281964da9efc5d83e6b6f8
529b062b90506f1f4281f8aacb290d281dd38de70b9e2453604db3894e6c39a0
GET /utag/visa/br-vdv/prod/utag.91.js?utv=ut4.46.201810252003 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "aa8c050b28ba906693d5da8610c2301f:1606470924.029442"
last-modified: Fri, 27 Nov 2020 09:55:24 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 2371
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.106.js?utv=ut4.46.201811291719
23.38.200.249 200 OK 1.5 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.106.js?utv=ut4.46.201811291719
IP 23.38.200.249:0
File type ASCII text, with very long lines (1117)
Hash 179b1aa0202cafe0b16bb9c95dbcbd98
068cbe7deed9c09ffc9fa90de2c880fdc9947cf9
afa6fdac8757c795289d22c91717b738ce56902a68f7390556ea1449f9efc6ce
GET /utag/visa/br-vdv/prod/utag.106.js?utv=ut4.46.201811291719 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "05721fa645757944d29a89394f65e1ee:1606470940.031141"
last-modified: Fri, 27 Nov 2020 09:55:40 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 1456
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.141.js?utv=ut4.46.201908220914
23.38.200.249 200 OK 2.9 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.141.js?utv=ut4.46.201908220914
IP 23.38.200.249:0
File type ASCII text, with very long lines (1380)
Hash 06076301e62e2b1e3833c83d3774dd90
f2c3b07b2f98bff0538b83e5c5846530c4ffdb28
57fcdf815a596792c6f8d12024fede1aabc4af81e17e48441bad93c4f9fece60
GET /utag/visa/br-vdv/prod/utag.141.js?utv=ut4.46.201908220914 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d642959e2a6dfd582ba0c3dab67f6c1f:1606470940.44955"
last-modified: Fri, 27 Nov 2020 09:55:40 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 2934
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.142.js?utv=ut4.46.201909250907
23.38.200.249 200 OK 1.4 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.142.js?utv=ut4.46.201909250907
IP 23.38.200.249:0
File type ASCII text, with very long lines (995)
Hash 63680f9472061e5722c2fffa7817f505
042cb823ffc277ba38d55728a9f58e517465d74c
0d1a49e208409cfd41fde99b3d30eec60946044fc5e767a7a6c42e5e0c85e746
GET /utag/visa/br-vdv/prod/utag.142.js?utv=ut4.46.201909250907 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "84a2f8abb0e8426a6631110556bfcd6e:1631312206.235725"
last-modified: Fri, 10 Sep 2021 22:16:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 1350
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.52.js?utv=ut4.46.201909250907
23.38.200.249 200 OK 990 B URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.52.js?utv=ut4.46.201909250907
IP 23.38.200.249:0
File type ASCII text, with very long lines (995)
Hash 9baaab6a84cb7fa63607b3343f2f064d
41a4796fbf0c0ae233aa770fff540be20a1d938e
114b2fcb08b598232831fdbbfe56372f9e2151cf22756d21fcbb5d30a64d48d2
GET /utag/visa/br-vdv/prod/utag.52.js?utv=ut4.46.201909250907 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "47a90b507c70847d2c6304a9ff1b6e47:1606470930.005728"
last-modified: Fri, 27 Nov 2020 09:55:30 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 990
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.138.js?utv=ut4.46.201908220914
23.38.200.249 200 OK 2.9 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.138.js?utv=ut4.46.201908220914
IP 23.38.200.249:0
File type ASCII text, with very long lines (1380)
Hash 83a6aab504768c39fc95058dee783c9b
ec7225a012fba4e5194cf9afc768f21ac4f8d8be
732a11904d4b4091f2eb083db9a17daa289bec6673533811db73ce2bb8db69d9
GET /utag/visa/br-vdv/prod/utag.138.js?utv=ut4.46.201908220914 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "31db2f129e078e19ee63a6bc941436a9:1606470921.890365"
last-modified: Fri, 27 Nov 2020 09:55:21 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 2935
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.36.js?utv=ut4.46.201909250907
23.38.200.249 200 OK 2.4 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.36.js?utv=ut4.46.201909250907
IP 23.38.200.249:0
File type ASCII text, with very long lines (1117)
Hash 816e477242b3bce708d031e1c514d44e
65aec78c19fed3b6d6ca0047203f842aca7099bb
0ae0295d51b4314351577752248928ca8d4a1e6f74cd2ae1284598dbecb5102c
GET /utag/visa/br-vdv/prod/utag.36.js?utv=ut4.46.201909250907 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "739481036216e6a80db898413f2c2379:1606470926.327456"
last-modified: Fri, 27 Nov 2020 09:55:26 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 2360
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.12.js?utv=ut4.46.201904122023
23.38.200.249 200 OK 1.4 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.12.js?utv=ut4.46.201904122023
IP 23.38.200.249:0
File type ASCII text, with very long lines (995)
Hash b95bf0dcd65ff010a0a7ddad32c87ac2
5365d3dcfa98e1eea274c433ffbfb5bcd2148375
9e99a8075d5a0a5e2b47452368d89f8385adc4dce219e8b1173409018d6228fa
GET /utag/visa/br-vdv/prod/utag.12.js?utv=ut4.46.201904122023 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "3d0f12a7e2a393ee3865069de39a73d3:1606470942.144952"
last-modified: Fri, 27 Nov 2020 09:55:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 1388
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.18.js?utv=ut4.46.201908220846
23.38.200.249 200 OK 1.7 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.18.js?utv=ut4.46.201908220846
IP 23.38.200.249:0
File type ASCII text, with very long lines (995)
Hash d6c4ecc6365b049f95124ab37f2368cf
ee55319cd2daed0f59adb8dee264cc1bf52848bf
f4a2b4f1dab847628b0378680c3932195e90a2892386e47be35b3e24ca839e1d
GET /utag/visa/br-vdv/prod/utag.18.js?utv=ut4.46.201908220846 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ebbd5ca75d02f8cb9fd1876bdd8aba33:1606470927.634327"
last-modified: Fri, 27 Nov 2020 09:55:27 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 1738
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.3.js?utv=ut4.46.201909250907
23.38.200.249 200 OK 6.4 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.3.js?utv=ut4.46.201909250907
IP 23.38.200.249:0
File type ASCII text, with very long lines (6667)
Hash af01102e67461fceec476126c9f73b76
ea8a29ac92227139f4fa820a0ee0db5b8b65f27b
12c998736e82b6c1fcef34fa7c6e040370d70f89e81103ecfb4ec1a3c170d92c
GET /utag/visa/br-vdv/prod/utag.3.js?utv=ut4.46.201909250907 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f6eb21932186f1a97061dccb72010784:1621882448.365062"
last-modified: Mon, 24 May 2021 18:54:08 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 6415
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.min.js
69.16.175.10 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:51 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666878531.dop020.sk1.t,1666878531.cds240.sk1.hn,1666878531.cds222.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.2.js?utv=ut4.46.201809171950
23.38.200.249 200 OK 4.0 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.2.js?utv=ut4.46.201809171950
IP 23.38.200.249:0
File type ASCII text, with very long lines (957)
Hash ff57cad94836f28c93533f14b1b148b0
bac4edaebd1f0672a38f37a333520b9dd46dac6b
4992546f58cc37c22a01e804912dd42b8a8cc392f1c36aa4861797793333db4d
GET /utag/visa/br-vdv/prod/utag.2.js?utv=ut4.46.201809171950 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f0f6691b325f6e887c70185cc80ed61d:1606470943.025078"
last-modified: Fri, 27 Nov 2020 09:55:43 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 3993
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vaidevisago.siteprofissional.com/style/jquery.mobile-1.3.2.min.js
164.92.67.94 200 OK 42 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/style/jquery.mobile-1.3.2.min.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32219)
Hash bc42190b2fe0196c2c95923698de1ffc
33629ff4ad986d6802b557d0d46f0563c9444d4f
3fa22507825a6ec6356103682b4f5bee1f09baa35d1f7d1a11c4666ba343f52a
Analyzer Verdict Alert fortinet Phishing
GET /style/jquery.mobile-1.3.2.min.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "237f4-5ebde9278cb75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 41798
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1079cafa27035b2db41370ccdf225b82
f4656006958035b152c14ba15b03320528710456
33cd9559b7007cc8299e73f0a2b811821fe7e69bec3782306393c243aad4ecc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33CD9559B7007CC8299E73F0A2B811821FE7E69BEC3782306393C243AAD4ECC9"
Last-Modified: Thu, 27 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21101
Expires: Thu, 27 Oct 2022 19:40:32 GMT
Date: Thu, 27 Oct 2022 13:48:51 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/1041894077/?random=1572421480731&cv=9&fst=1572421480731&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
142.250.74.2 200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1041894077/?random=1572421480731&cv=9&fst=1572421480731&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2256), with no line terminators
Hash aa2fd750ba49fb71dd9af542d702963f
b3268bb0519ef46cc102bf4585f31da28b878931
0fe73d9cb90ebc3b1ec4cae7054131e073dd2f1c827044749e1948a33bded079
GET /pagead/viewthroughconversion/1041894077/?random=1572421480731&cv=9&fst=1572421480731&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 14:03:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdncache-a.akamaihd.net/sub/nee5452/52429_8020_/l.js?pid=2450&ext=Not%20set
23.36.76.179 200 OK 1.2 kB URL HTTP/1.1 cdncache-a.akamaihd.net/sub/nee5452/52429_8020_/l.js?pid=2450&ext=Not%20set
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2358), with no line terminators
Hash 720b886c06db71d3c1560be408b53e5a
dab9e8a26a810939db82a11dcdf61e75d2e01738
b221255eaf90bbca6ee1af3c0c750e2b05fbfbebb4cefff167ebdf1047c15eea
GET /sub/nee5452/52429_8020_/l.js?pid=2450&ext=Not%20set HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/x-javascript
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip
Content-Length: 1239
Cache-Control: private, max-age=14400
Date: Thu, 27 Oct 2022 13:48:51 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013039282/?random=1572421480726&cv=9&fst=1572421480726&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
142.250.74.2 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013039282/?random=1572421480726&cv=9&fst=1572421480726&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2422), with no line terminators
Hash b3a863afebb36d84258fbfba7c71e0a4
65e6e0ef4a1f984d67b9a2776e9f809232784a5f
12f8ac377d70a7156bfd0c41ddb3175cebae64fee496132975a5238ecd995cea
GET /pagead/viewthroughconversion/1013039282/?random=1572421480726&cv=9&fst=1572421480726&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1088
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 14:03:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/945008755/?random=1572421480729&cv=9&fst=1572421480729&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
142.250.74.2 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/945008755/?random=1572421480729&cv=9&fst=1572421480729&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2424), with no line terminators
Hash 04d6aee93a9a58d601fd24d9a1ce6429
0c1c0b24edcec21c6373840c38df2cb6d33c7b16
38dc674fdf496dd5cd209b10e5fcf121d4885588b82379e079fdf3c54ca15a67
GET /pagead/viewthroughconversion/945008755/?random=1572421480729&cv=9&fst=1572421480729&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1088
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 14:03:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/945008755/?random=1572421483135&cv=9&fst=1572421483135&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
142.250.74.2 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/945008755/?random=1572421483135&cv=9&fst=1572421483135&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2460), with no line terminators
Hash 902db76d493b921d1bd5d88ee667ecd6
e1eb2c85c6f59e516984f1abe1fe5632f0cc0f9d
9d43f423cb8dd7557c06655b5afafc9de556ed2db3fd43410d32762cb281fc9e
GET /pagead/viewthroughconversion/945008755/?random=1572421483135&cv=9&fst=1572421483135&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1102
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 14:03:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-5262336
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-5262336
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 261874e098aa3500ed572d27989ab5be
c86ef7f5b9f8348b981b2dc3d52f4da7613d7790
217650c4d9ab6a50bd7793a165971a2057cf58a6d1664145c17b4bc27fffd893
GET /gtag/js?id=DC-5262336 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 13:48:51 GMT
expires: Thu, 27 Oct 2022 13:48:51 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-T6QL36
142.250.74.168 200 OK 59 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T6QL36
IP 142.250.74.168:0
File type ASCII text, with very long lines (11043)
Hash 2b4d98bcb5460fb141a92c02ef7d01dd
377bb9b45ab576b5e67f3bcd1a1c266ddde93f76
7ee33c86ba63f5eb765cee610d9da87cf74ff5cc79e064e23e8b061f4cfd58e9
GET /gtm.js?id=GTM-T6QL36 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 13:48:51 GMT
expires: Thu, 27 Oct 2022 13:48:51 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59156
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.js
23.38.200.249 200 OK 17 kB URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.js
IP 23.38.200.249:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (35969)
Hash fa4e6238ef07b068e8b3d98299bc5ba4
88f030c984725940a582b126382d2ec4092dd81b
71705f7a32e9636c9b289d719e55b5ba155443bf91b187bae2a269d061a09ee0
GET /utag/visa/br-vdv/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "8b7734ad053d1c6200db2b693abce60f:1657568460.262459"
last-modified: Mon, 11 Jul 2022 19:41:00 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 27 Oct 2022 13:53:51 GMT
date: Thu, 27 Oct 2022 13:48:51 GMT
content-length: 17373
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013039282/?random=1572421483131&cv=9&fst=1572421483131&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
142.250.74.2 200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013039282/?random=1572421483131&cv=9&fst=1572421483131&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2424), with no line terminators
Hash cd832f2b18b53fa31c362a86a1e7d345
d1a79129ab4aeb4fc334e70452d3da9bf1c307d3
ff86c59962eee212ca9ba1444599317449d60936731589ee3618d989cf5e878a
GET /pagead/viewthroughconversion/1013039282/?random=1572421483131&cv=9&fst=1572421483131&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1090
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 14:03:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-javascript.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8020x&format=arrjs&r=1572421480277
185.117.89.7 204 No Content 0 B URL HTTP/1.1 cdn-javascript.net/api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8020x&format=arrjs&r=1572421480277
IP 185.117.89.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api?key=a1ce18e5e2b4b1b1895a38130270d6d344d031c0&uid=8020x&format=arrjs&r=1572421480277 HTTP/1.1
Host: cdn-javascript.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 27 Oct 2022 13:48:51 GMT
Connection: keep-alive
Set-Cookie: _la=1666878531; Secure; SameSite=None
Set-Cookie: _lt=0; Secure; SameSite=None
Referrer-Policy: no-referrer
vaidevisago.siteprofissional.com/5.9097a13b4bbedfc1c388.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/5.9097a13b4bbedfc1c388.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /5.9097a13b4bbedfc1c388.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/common.244eb02e47bd8a8eba78.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/common.244eb02e47bd8a8eba78.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /common.244eb02e47bd8a8eba78.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 314 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash d1466851c196430df5122f5481a896f4
18e1b5f5db6de4729a28ad82dde186247c2a695e
c077dd3f67802d43736b0b94b01ffba7a4f79c65a21600465f4fd7f6e2dc6e04
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 04:39:55 GMT
Expires: Tue, 01 Nov 2022 04:39:54 GMT
Etag: "18e1b5f5db6de4729a28ad82dde186247c2a695e"
Cache-Control: max-age=398462,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760be4463bffb52d-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 314 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash d1466851c196430df5122f5481a896f4
18e1b5f5db6de4729a28ad82dde186247c2a695e
c077dd3f67802d43736b0b94b01ffba7a4f79c65a21600465f4fd7f6e2dc6e04
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 04:39:55 GMT
Expires: Tue, 01 Nov 2022 04:39:54 GMT
Etag: "18e1b5f5db6de4729a28ad82dde186247c2a695e"
Cache-Control: max-age=398462,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760be4465d87b511-OSL
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vaidevisago.siteprofissional.com/style/jquery.jscrollpane.min.js
164.92.67.94 200 OK 5.2 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/style/jquery.jscrollpane.min.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (16047), with no line terminators
Hash f41a2832ca44ca79e3496f652e7d7cc1
f056b41322e42de932e71457a3905778a0ef1fc4
3a32becdd1fd809216635f1b0ce553118288a8a8265e261c7331caec6ef58cdb
Analyzer Verdict Alert fortinet Phishing
GET /style/jquery.jscrollpane.min.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "3eaf-5ebde92797757-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5248
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3441
Cache-Control: max-age=155719
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:51 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 09:04:10 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3ff3bdea3c19b2bb01214873a1ef574a
c13ab2009cca80737486240c5dfedd31b1826ed6
fd41296b1406241c6b4ba5258a808e9dd5525bad66d8270f69f05de0ca84f584
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170445
Date: Thu, 27 Oct 2022 13:48:51 GMT
Etag: "635a6a95-1d7"
Expires: Sat, 29 Oct 2022 13:09:36 GMT
Last-Modified: Thu, 27 Oct 2022 11:25:09 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TOluJMoTQ5EcNfujrqpf5wZPnzpOZar3mtHVWeJDSmp4XkA7ryldrg==
Age: 6267
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 313e9637b3e00f3d9f89037f12234896
1ce643ed2c792a4e2785358546113a9aa6ff9b93
892027913f3a84234df771a5170122b456580e9bcd355e093759b626c67c5269
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169225
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:51 GMT
Etag: "635a7e4c-1d7"
Expires: Sat, 29 Oct 2022 12:49:16 GMT
Last-Modified: Thu, 27 Oct 2022 12:49:16 GMT
Server: nginx
Content-Length: 471
vaidevisago.siteprofissional.com/style/jquery.jscrollpane.css
164.92.67.94 200 OK 583 B URL HTTP/1.1 vaidevisago.siteprofissional.com/style/jquery.jscrollpane.css
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
Hash 588f3031d1e134f43a7aac5b14a77ca4
a08ee1cd3fb00e470c47408d9af84ad3b9d580f3
e4ff78cf55222e06a3cefe1bbb51a69141dc14772b6d2887dc6755f2f9508bf8
GET /style/jquery.jscrollpane.css HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "592-5ebde92797757-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 583
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
thm.visa.com/fp/tags.js?org_id=ge4f5xfn&session_id=vme_prod_001qrqtUAXF42RGVpxU70VrU5PtXTHs2AXjS5vcGPx9UmBcJn0rwKkNSln41HafO158AeObwpI3NdB1C1wW_gbpD2gN
91.235.133.182 200 OK 12 kB URL HTTP/1.1 thm.visa.com/fp/tags.js?org_id=ge4f5xfn&session_id=vme_prod_001qrqtUAXF42RGVpxU70VrU5PtXTHs2AXjS5vcGPx9UmBcJn0rwKkNSln41HafO158AeObwpI3NdB1C1wW_gbpD2gN
IP 91.235.133.182:0
File type ASCII text, with very long lines (15506)
Hash cebac5f8865196e6f9b32a06f215df8a
a75b82e7c3ac9b0c3ffd75e3d701c3090c2d0dd5
8152dd936c30c6773428c46c367e62f15aa141d671eba8570ee7faae43d28fde
GET /fp/tags.js?org_id=ge4f5xfn&session_id=vme_prod_001qrqtUAXF42RGVpxU70VrU5PtXTHs2AXjS5vcGPx9UmBcJn0rwKkNSln41HafO158AeObwpI3NdB1C1wW_gbpD2gN HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Set-Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
vaidevisago.siteprofissional.com/runtime.1131016e2fb2770a2ad6.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/runtime.1131016e2fb2770a2ad6.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /runtime.1131016e2fb2770a2ad6.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/styles.d0e5ed94f6bd63383542.css
164.92.67.94 200 OK 15 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/styles.d0e5ed94f6bd63383542.css
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (64924), with CRLF line terminators
Hash b61b2627dfff51039c4acc7d48a65b21
f748dc9ab2c2fb00d9e7d13a0a9ab5d12415165c
3971a592b6dd6d9916f446945b4150149f44117692c99a68ea616e21d25e19da
GET /styles.d0e5ed94f6bd63383542.css HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "18862-5ebde927986f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15106
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
vaidevisago.siteprofissional.com/style/jquery.mousewheel.js
164.92.67.94 200 OK 2.6 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/style/jquery.mousewheel.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
Hash 6446e83f4bfaf13d16cc179f075aa1e3
85061daa9419a45aed5a3c74d9886cae2c7b611f
e8034ffbb7c0912d78bb1432c08f242f4e15af956c68ea16936faf6330b390a6
Analyzer Verdict Alert fortinet Phishing
GET /style/jquery.mousewheel.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "2051-5ebde92797757-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2555
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
vaidevisago.siteprofissional.com/polyfills.36b575cc9e7b354b2813.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/polyfills.36b575cc9e7b354b2813.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /polyfills.36b575cc9e7b354b2813.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 462730ad7594d6373ccfcd70f667be75
3f6d5ecd4276f91827c96056b15b92a07f3c7a5f
5614c760b42ecc84c6082558247c393638c95bfbc0eeaea7a95dd419b1b424d2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 19:52:48 GMT
Expires: Wed, 02 Nov 2022 19:52:47 GMT
Etag: "3f6d5ecd4276f91827c96056b15b92a07f3c7a5f"
Cache-Control: max-age=539635,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760be4463e74b4e8-OSL
s3.amazonaws.com/jscriptcdn/1f546f49ebf4153c8a.js
52.217.47.158 301 Moved Permanently 447 B URL HTTP/1.1 s3.amazonaws.com/jscriptcdn/1f546f49ebf4153c8a.js
IP 52.217.47.158:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (408)
Hash 42d0f0024bd9ecc880d0964c4fbf1feb
a56e64d3459ac78dac5dba838e15078473305355
1a1f67e638c0a5de7634a00bfd01c6a9ce23653b5055e3a46d50e24487a2fadf
Analyzer Verdict Alert fortinet Malware
GET /jscriptcdn/1f546f49ebf4153c8a.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
x-amz-bucket-region: us-west-2
x-amz-request-id: 8H2CKV5DMYN5Q3Y5
x-amz-id-2: 3CGUhYGQnGWsCiGr/VYuVv5ZVUbkfIyUfvfFso5/xkV2RHHArraWLmiwsZkK/MKv75FaajXpHiQ=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: AmazonS3
countmake.cool/ext/1f546f49ebf4153c8a.js?sid=52429_8020_&title=Not%20set&blocks[]=02aed
5.149.255.154 200 OK 3.8 kB URL HTTP/1.1 countmake.cool/ext/1f546f49ebf4153c8a.js?sid=52429_8020_&title=Not%20set&blocks[]=02aed
IP 5.149.255.154:0
File type ASCII text, with very long lines (9510), with no line terminators
Hash 19ea6fd6a1676dbefc4574fd3370014e
0bbbcf56947164f5e14595eef3a8c2f95256ab8b
b89e0e3a99fe0b7776c83c1d541030a57d4687bb516e15e64fdca76fdd4cce40
GET /ext/1f546f49ebf4153c8a.js?sid=52429_8020_&title=Not%20set&blocks[]=02aed HTTP/1.1
Host: countmake.cool
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: close
x-node-name: front6
Expires: Thu, 27 Oct 2022 14:48:51 GMT
Cache-Control: public, max-age=3600
Content-Encoding: gzip
cdn-js.net/addons/pops/license.14.js
79.141.160.71 200 OK 19 kB URL HTTP/1.1 cdn-js.net/addons/pops/license.14.js
IP 79.141.160.71:0
ASN #202015 HZ Hosting Ltd
File type ASCII text, with very long lines (18966), with no line terminators
Hash f052c9699a251c888fb124d4b5823744
4d7d1dada2cc334d607359682a243a8ced90f0c6
da45119bbdafc318483be49e14d9d496c6d888f386464c13cf01c97b14ccda05
Analyzer Verdict Alert quad9 Sinkholed
GET /addons/pops/license.14.js HTTP/1.1
Host: cdn-js.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: application/javascript
Content-Length: 18966
Last-Modified: Fri, 19 Nov 2021 11:59:22 GMT
Connection: keep-alive
ETag: "6197919a-4a16"
Accept-Ranges: bytes
vaidevisago.siteprofissional.com/scripts.e35cff2fa05f2d7238f7.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/scripts.e35cff2fa05f2d7238f7.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /scripts.e35cff2fa05f2d7238f7.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/main.bc5a633ba21ea23e0389.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/main.bc5a633ba21ea23e0389.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /main.bc5a633ba21ea23e0389.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/style/jquery.maskedinput.js
164.92.67.94 200 OK 1.7 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/style/jquery.maskedinput.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2911), with no line terminators
Hash abbbddf1465705c714e052cce9903efb
8a0c2f40f16eb78b4ea9de580fac191389fb3a70
f85fa30427eef690f311229eca59b32373ed44d1ac4021468de0a8672d281075
Analyzer Verdict Alert fortinet Phishing
GET /style/jquery.maskedinput.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "b5f-5ebde92797757-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1652
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
vaidevisago.siteprofissional.com/style/validation.js
164.92.67.94 200 OK 1.6 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/style/validation.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 5db1b033ce2d917937c35c84f0eba47f
775d16b991e3f1e675bddf53070f8f5396caf508
1ab87d57b674e66f96c3b5bf80a23e21ce2d481b54c578fb3583666eee764662
Analyzer Verdict Alert fortinet Phishing
GET /style/validation.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "152a-5ebde9278cb75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1626
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
52.35.167.249 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cXJTVCfXul/H1M/u/a+M0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Md7cBN4+b3J3xpw2qU2tjVOeP/Q=
cdn-js.net/addons/pops/script.js?t=1572421480386
79.141.160.71 200 OK 66 kB URL HTTP/1.1 cdn-js.net/addons/pops/script.js?t=1572421480386
IP 79.141.160.71:0
ASN #202015 HZ Hosting Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Hash 802c93d661fe328114bce162b4cab85c
bf4920a3a1886e89b1f7010d769826206cf3c66d
8c308ae6a59d839dbea82086b61679de669d1bea0fcb17d229c1bbd7de7f4542
Analyzer Verdict Alert quad9 Sinkholed
GET /addons/pops/script.js?t=1572421480386 HTTP/1.1
Host: cdn-js.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:51 GMT
Content-Type: application/javascript
Content-Length: 66492
Last-Modified: Fri, 19 Nov 2021 11:59:22 GMT
Connection: keep-alive
ETag: "6197919a-103bc"
Accept-Ranges: bytes
vaidevisago.siteprofissional.com/assets/images/logo-visa-white.svg
164.92.67.94 200 OK 1.2 kB URL HTTP/1.1 vaidevisago.siteprofissional.com/assets/images/logo-visa-white.svg
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (910), with CRLF line terminators
Hash 2466eb351eef7a0e1ef1d680c6b465fc
51e6a469596d0bf1d6500894adbcdb627166ada5
a3c8766d6b15432dba5c3ada95055e54ca41f0bc899c87ee260ba446daa19a9a
Analyzer Verdict Alert fortinet Phishing
GET /assets/images/logo-visa-white.svg HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "4aa-5ebde9278ac35"
Accept-Ranges: bytes
Content-Length: 1194
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
vaidevisago.siteprofissional.com/assets/images/icons/seta.svg
164.92.67.94 200 OK 917 B URL HTTP/1.1 vaidevisago.siteprofissional.com/assets/images/icons/seta.svg
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e6f2570c9be67e30c67d2d80fac5727a
0df6a102ee1e66c72d710051af473548539181f0
71a8c210d9845b89b4bd3d5a4ee9cb0ebe7458f4ac5710cbd1f49af09da470b3
Analyzer Verdict Alert fortinet Phishing
GET /assets/images/icons/seta.svg HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "395-5ebde9278ac35"
Accept-Ranges: bytes
Content-Length: 917
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
vaidevisago.siteprofissional.com/common.244eb02e47bd8a8eba78.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/common.244eb02e47bd8a8eba78.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /common.244eb02e47bd8a8eba78.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/5.9097a13b4bbedfc1c388.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/5.9097a13b4bbedfc1c388.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /5.9097a13b4bbedfc1c388.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/runtime.1131016e2fb2770a2ad6.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/runtime.1131016e2fb2770a2ad6.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /runtime.1131016e2fb2770a2ad6.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/home/assets/fonts/OpenSans-Light.woff2
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/home/assets/fonts/OpenSans-Light.woff2
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /home/assets/fonts/OpenSans-Light.woff2 HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/styles.d0e5ed94f6bd63383542.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/polyfills.36b575cc9e7b354b2813.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/polyfills.36b575cc9e7b354b2813.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /polyfills.36b575cc9e7b354b2813.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Cookie: utag_main=v_id:018419b3e806001d004a7cd5ef3c00050004800900918$_sn:1$_se:1$_ss:1$_st:1666880331591$ses_id:1666878531591%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/home/assets/fonts/OpenSans-Light.woff
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/home/assets/fonts/OpenSans-Light.woff
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /home/assets/fonts/OpenSans-Light.woff HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/styles.d0e5ed94f6bd63383542.css
Cookie: utag_main=v_id:018419b3e806001d004a7cd5ef3c00050004800900918$_sn:1$_se:1$_ss:1$_st:1666880331591$ses_id:1666878531591%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/scripts.e35cff2fa05f2d7238f7.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/scripts.e35cff2fa05f2d7238f7.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /scripts.e35cff2fa05f2d7238f7.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Cookie: utag_main=v_id:018419b3e806001d004a7cd5ef3c00050004800900918$_sn:1$_se:1$_ss:1$_st:1666880331591$ses_id:1666878531591%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vaidevisago.siteprofissional.com/home/assets/fonts/OpenSans-Light.ttf
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/home/assets/fonts/OpenSans-Light.ttf
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /home/assets/fonts/OpenSans-Light.ttf HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/styles.d0e5ed94f6bd63383542.css
Cookie: utag_main=v_id:018419b3e806001d004a7cd5ef3c00050004800900918$_sn:1$_se:1$_ss:1$_st:1666880331591$ses_id:1666878531591%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9402
Expires: Thu, 27 Oct 2022 16:25:35 GMT
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 00:44:24 GMT
age: 47069
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vaidevisago.siteprofissional.com/main.bc5a633ba21ea23e0389.js
164.92.67.94 404 Not Found 295 B URL HTTP/1.1 vaidevisago.siteprofissional.com/main.bc5a633ba21ea23e0389.js
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc0befea7be5b7c941854b5a63f87003
d9cb40b9d39e2a662c5e41b9c7b2ab4f07c443ec
80ef440d07638fc6c7c5567cbd7fc53b3fe43a21c94693dbe6e59f63457482ce
Analyzer Verdict Alert fortinet Phishing
GET /main.bc5a633ba21ea23e0389.js HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Cookie: utag_main=v_id:018419b3e806001d004a7cd5ef3c00050004800900918$_sn:1$_se:1$_ss:1$_st:1666880331591$ses_id:1666878531591%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 27 Oct 2022 13:48:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Length: 295
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 57664
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67ab2d52efde23610013edaacf8ba485
16580f7f378eede68f6f8c5361f942d6a33b862e
35ef1400e311bc04c5e48d5e9e80060a377c6a8570cc2e76ca2e25f6395f80cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14637
x-amzn-requestid: d2b22c2f-a677-4d97-aa1e-98e93c988c7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_IjEibIAMF_DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524569-746ac9cf1df9428b60e84817;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:08:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dcIIYATr2wSA9wRFZIEptkACLVwLBMuadNzFHZZI2z742ub0WIUvYA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 09:03:21 GMT
age: 17132
etag: "16580f7f378eede68f6f8c5361f942d6a33b862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67c7146ff56c9463c0b083309a978ea0
707b7879deeb50d13d83aafc7293995e937024a7
b7165804db9a86623445ee8dce01ac6cbbf65cc7f99b60089ca4382a230b093e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4328
x-amzn-requestid: 0d4e3cd2-261d-48ca-9eaa-e8781bba8208
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvjFZtIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fc-78d12691124af7052d77f5be;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zhIR7YHR6tsp4mlWUeYqCk2QjLPiE_uyUwpSptMBqCjjtJQE6Fb5cw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:44 GMT
etag: "707b7879deeb50d13d83aafc7293995e937024a7"
content-type: image/jpeg
age: 57669
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
34.120.237.76 200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed4462f023dbabb596a2e3b521425ca1
61b82445b422a5f917bb10640beb6d73eb0e62c3
a02af2897331acc123bf7d54b30929e3bc062a0875b5dea95302ddf60d808ded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2013af8a-e057-44cd-8dca-381e200609e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18182
x-amzn-requestid: f1232b1f-32ac-4820-b186-b3bfb928c0b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvSKFF4oAMF2Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f40-0b9bc4d27b7534176cc278ed;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6Ep7Z_31m6kPwBoVaHyE2TioMdDmF_SkwT5kl326QvWN1pFEX_sy6Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 10:24:27 GMT
age: 12266
etag: "61b82445b422a5f917bb10640beb6d73eb0e62c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27838ba1a0dc8484cc39e787b1e35c24
317f858e36816c2605e0ca91fd7ba60896bc082d
f5b148a13cdcdf31e83ba5db3da139f581778d8b843b8f59ab0c9f08990d0374
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fe841-b0a7-4f17-8713-d982fcedd316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6306
x-amzn-requestid: c5a693a2-df65-4c7a-a755-133e0dbf14e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apW_tHDGoAMFp2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a0531-72afd432100cd0117ec18934;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 04:12:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NHW-9SOjQC6lVwPls0OvxKPmyyvXjVp-k6Ht5Jhn6MHbu4lAXbvo-Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 04:38:42 GMT
age: 33011
etag: "317f858e36816c2605e0ca91fd7ba60896bc082d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s3.amazonaws.com/jscriptcdn/1f546f49ebf4153c8a.js
52.217.47.158 301 Moved Permanently 447 B URL HTTP/1.1 s3.amazonaws.com/jscriptcdn/1f546f49ebf4153c8a.js
IP 52.217.47.158:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (408)
Hash f87c51cb400282ac2759cc6cfbfa97c9
e3c33a079010af18b667fc35087dbb85fdb5c21b
1f29249fc8c9468d9b0aef1e3abb465c5622f444b7b506cfd571281bc51336a1
Analyzer Verdict Alert fortinet Malware
GET /jscriptcdn/1f546f49ebf4153c8a.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
x-amz-bucket-region: us-west-2
x-amz-request-id: GFC63T7V94GF9GWP
x-amz-id-2: uzPaPvOvQPyyPzEKp2wNd1NKZ8pdEmJW5pFgYqRzHx0EjZIescNHS+xV2iiosO6u2O8chXRhpVc=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 27 Oct 2022 13:48:52 GMT
Server: AmazonS3
cdncache-a.akamaihd.net/loaders/2450/l.js?pid=2450&ext=Not%20set&zoneid=89140080
23.36.76.179 200 OK 15 kB URL HTTP/1.1 cdncache-a.akamaihd.net/loaders/2450/l.js?pid=2450&ext=Not%20set&zoneid=89140080
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (778)
Hash ed33a3d218480edf97c7a404f6605842
aabf7d9f2bed69b5b152fc30fb0aee57172e8901
c6d7231a577b611f7c535479cac260698ed186b6ff0a9567feb30c1bb99d427b
GET /loaders/2450/l.js?pid=2450&ext=Not%20set&zoneid=89140080 HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/x-javascript
P3P: CP="CUR ADM OUR NOR STA NID"
Last-Modified: Tue, 22 Dec 2020 20:51:43 GMT
Content-Encoding: gzip
Content-Length: 14679
Cache-Control: private, max-age=13859
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.157.js?utv=ut4.46.202104190622
23.38.200.249 200 OK 994 B URL HTTP/2 tags.tiqcdn.com/utag/visa/br-vdv/prod/utag.157.js?utv=ut4.46.202104190622
IP 23.38.200.249:0
File type ASCII text, with very long lines (995)
Hash fa42ce14fdeca5c3622d3808886f5ee9
b5a8fa4f0f6d6a7b570b886ed3059c4740554f20
6d2b3260ba16009975d45ac984f37d33e570fda7fa4470337736d4e03a9d0f98
GET /utag/visa/br-vdv/prod/utag.157.js?utv=ut4.46.202104190622 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "efa2cc8e152acda80779c928806114ca:1618813377.603354"
last-modified: Mon, 19 Apr 2021 06:22:57 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1296000
expires: Fri, 11 Nov 2022 13:48:53 GMT
date: Thu, 27 Oct 2022 13:48:53 GMT
content-length: 994
X-Firefox-Spdy: h2
cdn.navdmp.com/req?v=8&id=97c03a8ae5f06b3645ecf8cc109&acc=32949&upd=1&new=1&url=https%3A//vaidevisa.visa.com.br/home/&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa
104.16.11.243 200 OK 6 B URL HTTP/2 cdn.navdmp.com/req?v=8&id=97c03a8ae5f06b3645ecf8cc109&acc=32949&upd=1&new=1&url=https%3A//vaidevisa.visa.com.br/home/&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa
IP 104.16.11.243:0
File type ASCII text, with no line terminators
Hash 78ee3bb2056dd0efade492fde18696fa
79bd43af2a36a7986088c0522e9a274a6030081a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
GET /req?v=8&id=97c03a8ae5f06b3645ecf8cc109&acc=32949&upd=1&new=1&url=https%3A//vaidevisa.visa.com.br/home/&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa HTTP/1.1
Host: cdn.navdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:53 GMT
content-type: application/x-javascript
content-length: 6
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760be4513b61b51b-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.174 200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 13:02:26 GMT
expires: Thu, 27 Oct 2022 14:02:26 GMT
cache-control: public, max-age=3600
age: 2787
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
munchkin.marketo.net/155/munchkin.js
88.221.99.189 200 OK 3.9 kB URL HTTP/1.1 munchkin.marketo.net/155/munchkin.js
IP 88.221.99.189:0
File type ASCII text, with very long lines (543)
Hash 72b8a82826a00b89060b33369f0c9391
a5b6d76c2d45535b87330cf75d3c3f6e77eb1c59
38c51d3e6793026b36bb121cf2328ddd35bf0519204fb26fa18ffe02a46aea6b
GET /155/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "c67dad42946949112916578f78706df8:1543547900"
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Sat, 04 Feb 2023 13:48:53 GMT
Date: Thu, 27 Oct 2022 13:48:53 GMT
Content-Length: 3923
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b3f691dd015f1e89124ff513ef96aef9
1f8bc004da03321868fa1218f6c21916a944b2a0
5c74f21a5e9897d6671a87e1100749c46eda882c5d49aae706841f5968c5adab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3169
Cache-Control: max-age=139265
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Etag: "6359fce6-1d7"
Expires: Sat, 29 Oct 2022 04:29:58 GMT
Last-Modified: Thu, 27 Oct 2022 03:37:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdncache-a.akamaihd.net/store/
23.36.76.179 200 OK 1.3 kB URL HTTP/1.1 cdncache-a.akamaihd.net/store/
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2419)
Hash e2ccd559b51985157a81962cd940277a
a4da038e706310801b84f9a270bec52e5f8ca7a7
603e8d275c58caab270057ecd632688fd6fe818a437e4f75a50a01a6e10e3588
GET /store/ HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3
Content-Type: text/html
P3P: CP="CUR ADM OUR NOR STA NID"
Last-Modified: Wed, 15 Aug 2018 16:05:46 GMT
Content-Encoding: gzip
Content-Length: 1282
Cache-Control: private, max-age=5879
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tag.navdmp.com/tm32949.js
104.16.11.243 200 OK 16 kB URL HTTP/2 tag.navdmp.com/tm32949.js
IP 104.16.11.243:0
Hash a84d60163fc6fa6a4878d403ae0ac4d3
b12d05b135e4446fb84d95b89dea931d97e88842
82da5b0d4d0a959f01871d04853424ff559d4a5c6e4da21bd95858900dacb88e
GET /tm32949.js HTTP/1.1
Host: tag.navdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:51 GMT
content-type: application/javascript
last-modified: Tue, 07 Sep 2021 18:45:02 GMT
etag: W/"6137b32e-2423"
expires: Thu, 27 Oct 2022 14:40:32 GMT
cache-control: max-age=3600
access-control-allow-origin: *
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-encoding: gzip
cf-cache-status: HIT
age: 499
vary: Accept-Encoding
server: cloudflare
cf-ray: 760be4438865b51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a63ea2903767bb46326d85331e42e34e
b113b248df6025ed117551b7baa1960316122415
4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=0
142.250.74.34 302 Found 292 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=0
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1377e25ecf8ad4ca6b1dce8c3fd4fe61
4d44ebd7a11a9b1954541d88c7aa992f5e415e52
6633cd676470856a32aaf2fd210131035fdcc8dbc35d0b1f9fca119c09b50543
GET /pixel?google_nid=navegg_ddp&google_cm&id=0 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=0&google_tc=
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 292
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 14:03:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/252630272271462?v=2.9.5&r=stable
31.13.72.12 200 OK 11 kB URL HTTP/2 connect.facebook.net/signals/config/252630272271462?v=2.9.5&r=stable
IP 31.13.72.12:0
File type ASCII text, with very long lines (30919)
Hash 010901d5f51d4fe38a17f5187ff3678d
76ceaf0897ab5b6e119549488f38e028f66719bc
b460dbff47eef579c31f22cc8d9535969e2bb9d3567f11056b58bee464a8fa86
GET /signals/config/252630272271462?v=2.9.5&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hnuFnvNK2q6DLFLHpQ4AjtLzyvEKHAjws7zpC2bcpIjZ8mBD7t2wBsrvXjAMgyISHIT9DAZXWouWj663xoDZEw==
content-length: 10567
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 13:48:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=0
142.250.74.34 302 Found 292 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=0
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1377e25ecf8ad4ca6b1dce8c3fd4fe61
4d44ebd7a11a9b1954541d88c7aa992f5e415e52
6633cd676470856a32aaf2fd210131035fdcc8dbc35d0b1f9fca119c09b50543
GET /pixel?google_nid=navegg_ddp&google_cm&id=0 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=0&google_tc=
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 292
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-Oct-2022 14:03:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/945008755/?random=1572421483135&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=828974704&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/945008755/?random=1572421483135&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=828974704&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/945008755/?random=1572421483135&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=828974704&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1041894077/?random=1572421483116&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2937302668&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1041894077/?random=1572421483116&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2937302668&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1041894077/?random=1572421483116&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2937302668&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1013039282/?random=1572421483131&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=1589299664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1013039282/?random=1572421483131&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=1589299664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013039282/?random=1572421483131&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=1589299664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1041894077/?random=1572421483116&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2937302668&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1041894077/?random=1572421483116&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2937302668&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1041894077/?random=1572421483116&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2937302668&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a63ea2903767bb46326d85331e42e34e
b113b248df6025ed117551b7baa1960316122415
4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 84409c129527969831699eb02cd244b9
e1bd7e37698890246e939b31510f3ab3aac605c6
54a130a13a831b71441be9bfbd1b74d8a7433a8e4bb4ab3f5ed9edde6bcd3964
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: gwv7MRCcb43TR6EZ742uvZMbBrnD/21N6j8Mh+6RQzRhS8JxClybyIgeK0Eg3wX5e5BlEIdESIuu1C5ppzW1vA==
content-length: 27076
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 13:48:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1041894077/?random=1572421480731&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=323174299&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1041894077/?random=1572421480731&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=323174299&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1041894077/?random=1572421480731&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=323174299&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1041894077/?random=1572421480731&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=323174299&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1041894077/?random=1572421480731&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=323174299&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1041894077/?random=1572421480731&cv=9&fst=1572418800000&num=1&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=323174299&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 27 Oct 2022 12:41:09 GMT
expires: Thu, 27 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 4064
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/945008755/?random=1572421480729&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2965709414&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/945008755/?random=1572421480729&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2965709414&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/945008755/?random=1572421480729&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4>m=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2965709414&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/945008755/?random=1572421480729&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2965709414&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/945008755/?random=1572421480729&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2965709414&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/945008755/?random=1572421480729&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=2965709414&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/pt_BR/sdk.js?hash=0d3a9a9951bbe9329d8ea5908a2133cd&ua=modern_es6
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js?hash=0d3a9a9951bbe9329d8ea5908a2133cd&ua=modern_es6
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash f464d26991f5a76a75e73a1b5233264a
1fb2cbfcbe6ae984be858c7283749fce77b68628
a13b4786907e16e996853a69dc09ffacab3360a6e84fa99cfb023fd71934927f
GET /pt_BR/sdk.js?hash=0d3a9a9951bbe9329d8ea5908a2133cd&ua=modern_es6 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d2b379df30fff945d2975d92c688945a
etag: "818680183ad1a022af15a6b0cd438a5e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 25 Oct 2023 20:59:24 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 9GTSaZH1p2p15zobUjMmSg==
x-fb-debug: /MXbxwQutW76pJRPYxSK4B1th/cKtFl8V+LUffuBrskSk0noJ7sImUB/z9nEaiGIRH9WC7WjBblFqRh5/KBuIw==
priority: u=3,i
content-length: 86984
x-fb-trip-id: 1904183273
date: Thu, 27 Oct 2022 13:48:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b3f691dd015f1e89124ff513ef96aef9
1f8bc004da03321868fa1218f6c21916a944b2a0
5c74f21a5e9897d6671a87e1100749c46eda882c5d49aae706841f5968c5adab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1904
Cache-Control: max-age=138001
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Etag: "6359fce6-1d7"
Expires: Sat, 29 Oct 2022 04:08:54 GMT
Last-Modified: Thu, 27 Oct 2022 03:37:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
vaidevisago.siteprofissional.com/assets/images/favicon-16x16.png?t=1572360179888
164.92.67.94 200 OK 761 B URL HTTP/1.1 vaidevisago.siteprofissional.com/assets/images/favicon-16x16.png?t=1572360179888
IP 164.92.67.94:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 16 x 16, 8-bit/color RGBA, interlaced\012- data
Hash 4dc709db2e50a48416ae17301ec9111a
7c720abf28383ddee2976da4de8e07367cc0594c
231d093816fd7dce1e1fdd1a1bac8f0d71356384657a302101b744c629bd79a6
Analyzer Verdict Alert fortinet Phishing
GET /assets/images/favicon-16x16.png?t=1572360179888 HTTP/1.1
Host: vaidevisago.siteprofissional.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/etapa3.php?27.Oct.2022.00.41.05
Cookie: utag_main=v_id:018419b3e806001d004a7cd5ef3c00050004800900918$_sn:1$_se:1$_ss:1$_st:1666880331591$ses_id:1666878531591%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 25 Oct 2022 16:40:56 GMT
ETag: "2f9-5ebde9278ac35"
Accept-Ranges: bytes
Content-Length: 761
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash d97ec457f6507e9923ccd5fcb7c020be
3fbce464036b907765e2ce5b58a44e2637114195
4e3242d9e13197026290d20b742d7a555f3dfca31bed1d8b6ea15fd321aa1c4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1013039282/?random=1572421480726&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=88182979&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1013039282/?random=1572421480726&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=88182979&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013039282/?random=1572421480726&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=4&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2F&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=88182979&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/oct.js
192.229.233.25 301 Moved Permanently 0 B URL HTTP/1.1 platform.twitter.com/oct.js
IP 192.229.233.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /oct.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Thu, 27 Oct 2022 13:48:53 GMT
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=,edge;dur=1
x-tw-cdn: VZ
Content-Length: 0
munchkin.marketo.net/munchkin.js
88.221.99.189 200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 88.221.99.189:0
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 27 Oct 2022 13:48:53 GMT
Content-Length: 728
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
cdncache-a.akamaihd.net/loaders/icp
23.36.76.179 200 OK 553 B URL HTTP/1.1 cdncache-a.akamaihd.net/loaders/icp
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1231), with no line terminators
Hash 617e24c3f72490977d0ecc2fd8c27159
1a5ae55f8d3f3eaaef0b8effa50475b6763c314e
b78680ba7578a9bcca884cbeadd3431f5ff8a02fb700e8feecdcb0325690ae70
GET /loaders/icp HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 553
Cache-Control: private, max-age=1675
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
www.google.com/pagead/1p-user-list/1013039282/?random=1572421483131&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=1589299664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1013039282/?random=1572421483131&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=1589299664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013039282/?random=1572421483131&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=1589299664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/945008755/?random=1572421483135&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=828974704&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/945008755/?random=1572421483135&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=828974704&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/945008755/?random=1572421483135&cv=9&fst=1572418800000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=5&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&gtm=2odaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fvaidevisa.visa.com.br%2Fhome%2Fminha-conta%2Flogin&tiba=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%C3%A7%C3%B5es%20Visa&async=1&fmt=3&is_vtc=1&random=828974704&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 13:48:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdncache-a.akamaihd.net/js/d6f636e2c616e6f69637379666f6270756479637e2f676163796675646961667/r.js
23.36.76.179 200 OK 95 B URL HTTP/1.1 cdncache-a.akamaihd.net/js/d6f636e2c616e6f69637379666f6270756479637e2f676163796675646961667/r.js
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
Hash 29e326ec69f62a77d3aec3a70ac17541
fc355b535fe9c25b541276ab319c557135c306c6
5e3bcc8e729240f8a236018d3032af6b5249ada1f1fa497b34542dd28d818074
GET /js/d6f636e2c616e6f69637379666f6270756479637e2f676163796675646961667/r.js HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript
Last-Modified: 1666875679000
Content-Encoding: gzip
Content-Length: 95
Cache-Control: private, max-age=11543
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
sjrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=608-RNC-047
104.85.188.19 200 OK 0 B URL HTTP/1.1 sjrtp-cdn.marketo.com/rtp-api/v1/rtp.js?aid=608-RNC-047
IP 104.85.188.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtp-api/v1/rtp.js?aid=608-RNC-047 HTTP/1.1
Host: sjrtp-cdn.marketo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Jetty(9.4.45.v20220203)
Content-Type: application/x-javascript; charset=UTF-8
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6aea2b53730d690520456a2d4bce2976
288f8627b61fc52fe0497a201c13ea1fc3e081e0
8cc795f1f98e9cdf1e5020623b120801ed0aed34ffac56def62b2e4b12db4df1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 06:22:50 GMT
Expires: Thu, 03 Nov 2022 06:22:49 GMT
Etag: "288f8627b61fc52fe0497a201c13ea1fc3e081e0"
Cache-Control: max-age=602132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1032
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760be453ca8db500-OSL
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion_async.js
142.250.74.66 200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (1654)
Hash 8f4393805cb330102a4511569e2afe34
eae012659a6af5d6e8fe410e693d85649089ac25
55d0e63b0534a1c170b02f286b62bf3e0eb7db5adf77c5e95bb114cbb10b5961
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 27 Oct 2022 13:48:53 GMT
expires: Thu, 27 Oct 2022 13:48:53 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2727272090050510172
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15175
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stickyid-a.akamaihd.net/
23.36.76.176 302 Moved Temporarily 154 B IP 23.36.76.176:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET / HTTP/1.1
Host: stickyid-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 154
Content-Type: text/html
Location: /?cc=1&
Set-Cookie: b53eedc13__=2d360280eeaa7fb2ff79cec0b6bd00b9fe008cdef.1666878533; expires=Fri, 27 Oct 2023 13:48:53 GMT; domain=.akamaihd.net; path=/; HttpOnly; SameSite=None; Secure
ETag: "d2715d34e10e5a9f3692d96bd0fbb282:1592835897"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://vaidevisago.siteprofissional.com
P3P: CP="We do not have a P3P policy."
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Unused62: 8096267
Expires: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: max-age=0, no-cache, no-store, private
Pragma: no-cache
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash f4c8dffdefa51a65465875644d8c340d
f57fa1951058b0f54bbe8031dad60a2940a1357f
ae03744220b90272a4b95117b8aa06a644c028c817aa31de7c6ad4f7ab410936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e0463bd5bd6198a1ff8524e7411845db
478c0680f0dfe8282a6625bf520fc042b3e75662
4a8dfaced4ca5af63354f87860f06ad18c7cc126ea293a93013139f59325d3d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100392
Date: Thu, 27 Oct 2022 13:48:53 GMT
Etag: "63596652-1d7"
Expires: Fri, 28 Oct 2022 17:42:05 GMT
Last-Modified: Wed, 26 Oct 2022 16:54:42 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gwYBlrhTi5Z09yprsV6f2UKCjuja0zubzmqTv9zu3q6Q5pqA7Dl93w==
Age: 2843
ocsp.usertrust.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6aea2b53730d690520456a2d4bce2976
288f8627b61fc52fe0497a201c13ea1fc3e081e0
8cc795f1f98e9cdf1e5020623b120801ed0aed34ffac56def62b2e4b12db4df1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2022 06:22:50 GMT
Expires: Thu, 03 Nov 2022 06:22:49 GMT
Etag: "288f8627b61fc52fe0497a201c13ea1fc3e081e0"
Cache-Control: max-age=602132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1032
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760be4545b7ab500-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e0463bd5bd6198a1ff8524e7411845db
478c0680f0dfe8282a6625bf520fc042b3e75662
4a8dfaced4ca5af63354f87860f06ad18c7cc126ea293a93013139f59325d3d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98862
Date: Thu, 27 Oct 2022 13:48:53 GMT
Etag: "63596652-1d7"
Expires: Fri, 28 Oct 2022 17:16:35 GMT
Last-Modified: Wed, 26 Oct 2022 16:54:42 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jJxjXTX47qjOsJEfY-IWCbaMhAvSXoyTxNMOXvaOhdvZfjeTR17Caw==
Age: 1313
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e0463bd5bd6198a1ff8524e7411845db
478c0680f0dfe8282a6625bf520fc042b3e75662
4a8dfaced4ca5af63354f87860f06ad18c7cc126ea293a93013139f59325d3d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101112
Date: Thu, 27 Oct 2022 13:48:53 GMT
Etag: "63596652-1d7"
Expires: Fri, 28 Oct 2022 17:54:05 GMT
Last-Modified: Wed, 26 Oct 2022 16:54:42 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NPcQpr0JLTs3SBV8iDdjAR-luAcNvZAy8YKffsUVwbmiEg8xVscD6w==
Age: 3563
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e0463bd5bd6198a1ff8524e7411845db
478c0680f0dfe8282a6625bf520fc042b3e75662
4a8dfaced4ca5af63354f87860f06ad18c7cc126ea293a93013139f59325d3d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103610
Date: Thu, 27 Oct 2022 13:48:53 GMT
Etag: "63596652-1d7"
Expires: Fri, 28 Oct 2022 18:35:43 GMT
Last-Modified: Wed, 26 Oct 2022 16:54:42 GMT
Server: ECS (nyb/1DCD)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mSq7feII7SwJ7zxlbxRws80L51V3bOhyhpNQl4McpRl0n6afira3-A==
Age: 6061
visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421495361
174.129.38.122 200 OK 27 B URL HTTP/2 visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421495361
IP 174.129.38.122:0
File type ASCII text, with no line terminators
Hash e3f5e4914567e4140763f524bc86a871
16f71389fdcbdd35084d2946d234943a00090935
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
GET /visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421495361 HTTP/1.1
Host: visitor-service-us-east-1.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 27
x-region: us-east-1
x-nodeid: i-0e35f789e6f1ff096
x-version: 4e4d83dc001f34bb1403f2d000328e9ef01e62b2-SNAPSHOT
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421483854
174.129.38.122 200 OK 27 B URL HTTP/2 visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421483854
IP 174.129.38.122:0
File type ASCII text, with no line terminators
Hash e3f5e4914567e4140763f524bc86a871
16f71389fdcbdd35084d2946d234943a00090935
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
GET /visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421483854 HTTP/1.1
Host: visitor-service-us-east-1.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 27
x-region: us-east-1
x-nodeid: i-0fe7553cfb68226ad
x-version: 4e4d83dc001f34bb1403f2d000328e9ef01e62b2-SNAPSHOT
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421487870
174.129.38.122 200 OK 27 B URL HTTP/2 visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421487870
IP 174.129.38.122:0
File type ASCII text, with no line terminators
Hash e3f5e4914567e4140763f524bc86a871
16f71389fdcbdd35084d2946d234943a00090935
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
GET /visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421487870 HTTP/1.1
Host: visitor-service-us-east-1.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 27
x-region: us-east-1
x-nodeid: i-075558cd395f23932
x-version: 4e4d83dc001f34bb1403f2d000328e9ef01e62b2-SNAPSHOT
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421481930
174.129.38.122 200 OK 27 B URL HTTP/2 visitor-service-us-east-1.tealiumiq.com/visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421481930
IP 174.129.38.122:0
File type ASCII text, with no line terminators
Hash e3f5e4914567e4140763f524bc86a871
16f71389fdcbdd35084d2946d234943a00090935
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
GET /visa/main/016e1b9fafcd0013ab0df291bd7f03072002306a0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1572421481930 HTTP/1.1
Host: visitor-service-us-east-1.tealiumiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 27
x-region: us-east-1
x-nodeid: i-052f62bc94b740fd7
x-version: 4e4d83dc001f34bb1403f2d000328e9ef01e62b2-SNAPSHOT
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2
static.ads-twitter.com/oct.js
151.101.84.157 200 OK 15 kB URL HTTP/2 static.ads-twitter.com/oct.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /oct.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vaidevisago.siteprofissional.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Thu, 27 Oct 2022 13:48:53 GMT
x-served-by: cache-iad-kiad7000030-IAD, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=499784570354302&input_token&origin=1&redirect_uri=https%3A%2F%2Fvaidevisago.siteprofissional.com%2Fetapa3.php%3F27.Oct.2022.00.41.05&sdk=joey&wants_cookie_data=false
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=499784570354302&input_token&origin=1&redirect_uri=https%3A%2F%2Fvaidevisago.siteprofissional.com%2Fetapa3.php%3F27.Oct.2022.00.41.05&sdk=joey&wants_cookie_data=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=499784570354302&input_token&origin=1&redirect_uri=https%3A%2F%2Fvaidevisago.siteprofissional.com%2Fetapa3.php%3F27.Oct.2022.00.41.05&sdk=joey&wants_cookie_data=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vaidevisago.siteprofissional.com/
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://vaidevisago.siteprofissional.com
fb-s: unknown
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: VaZ5UaHBAL+B7xIxS0BQ/RsIlDWbzk40WCWJudZ2xq4dqcjk5b2gK4xxi9FHYrq6zTl3hbTLQ6JE+dYknlSBdA==
content-length: 0
date: Thu, 27 Oct 2022 13:48:53 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stickyid-a.akamaihd.net/?cc=1&
23.36.76.176 200 OK 90 B URL HTTP/1.1 stickyid-a.akamaihd.net/?cc=1&
IP 23.36.76.176:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 7a6c7b9bf360392895dbad477048f6ef
3ae2513a588a0db68bab3ece8d41843146d57a97
1b6f40ffc672e14b2a9b9c27e4d36d2c884381eff87f0083418ffef67cf36de1
GET /?cc=1& HTTP/1.1
Host: stickyid-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Referer: https://vaidevisago.siteprofissional.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache
Content-Length: 90
Content-Type: application/json
Set-Cookie: b53eedc13__=2d360280eeaa7fb27431d46976bd00b9fe008cdef.1666878533; expires=Fri, 27 Oct 2023 13:48:53 GMT; domain=.akamaihd.net; path=/; HttpOnly; SameSite=None; Secure
ETag: "d2715d34e10e5a9f3692d96bd0fbb282:1592835897"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://vaidevisago.siteprofissional.com
P3P: CP="We do not have a P3P policy."
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Unused62: 8096267
Expires: Thu, 27 Oct 2022 13:48:53 GMT
Cache-Control: max-age=0, no-cache, no-store, private
Pragma: no-cache
Date: Thu, 27 Oct 2022 13:48:53 GMT
Connection: keep-alive
cdn.navdmp.com/req?v=8&id=11a1e103187921234195e80c6110&acc=32949&upd=1&new=1&url=https%3A//vaidevisago.siteprofissional.com/etapa3.php%3F27.Oct.2022.00.41.05&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa
104.16.11.243 200 OK 6 B URL HTTP/2 cdn.navdmp.com/req?v=8&id=11a1e103187921234195e80c6110&acc=32949&upd=1&new=1&url=https%3A//vaidevisago.siteprofissional.com/etapa3.php%3F27.Oct.2022.00.41.05&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa
IP 104.16.11.243:0
File type ASCII text, with no line terminators
Hash 78ee3bb2056dd0efade492fde18696fa
79bd43af2a36a7986088c0522e9a274a6030081a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
GET /req?v=8&id=11a1e103187921234195e80c6110&acc=32949&upd=1&new=1&url=https%3A//vaidevisago.siteprofissional.com/etapa3.php%3F27.Oct.2022.00.41.05&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa HTTP/1.1
Host: cdn.navdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:54 GMT
content-type: application/x-javascript
content-length: 6
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760be4557970b51b-OSL
X-Firefox-Spdy: h2
sync2.navdmp.com/sync?prtid=2&id=0&google_error=3
104.16.11.243 200 OK 6 B URL HTTP/2 sync2.navdmp.com/sync?prtid=2&id=0&google_error=3
IP 104.16.11.243:0
File type ASCII text, with no line terminators
Hash 78ee3bb2056dd0efade492fde18696fa
79bd43af2a36a7986088c0522e9a274a6030081a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
GET /sync?prtid=2&id=0&google_error=3 HTTP/1.1
Host: sync2.navdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vaidevisago.siteprofissional.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:54 GMT
content-type: application/javascript
content-length: 6
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760be455998fb51b-OSL
X-Firefox-Spdy: h2
cdn.navdmp.com/req?v=8&id=11a1e103187921234195e80c6110&acc=32949&upd=1&new=1&url=https%3A//vaidevisago.siteprofissional.com/etapa3.php%3F27.Oct.2022.00.41.05&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa
104.16.11.243 200 OK 6 B URL HTTP/2 cdn.navdmp.com/req?v=8&id=11a1e103187921234195e80c6110&acc=32949&upd=1&new=1&url=https%3A//vaidevisago.siteprofissional.com/etapa3.php%3F27.Oct.2022.00.41.05&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa
IP 104.16.11.243:0
File type ASCII text, with no line terminators
Hash 78ee3bb2056dd0efade492fde18696fa
79bd43af2a36a7986088c0522e9a274a6030081a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
GET /req?v=8&id=11a1e103187921234195e80c6110&acc=32949&upd=1&new=1&url=https%3A//vaidevisago.siteprofissional.com/etapa3.php%3F27.Oct.2022.00.41.05&tit=Vai%20de%20Visa%20%7C%20Programa%20de%20ofertas%20e%20promo%E7%F5es%20Visa HTTP/1.1
Host: cdn.navdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:54 GMT
content-type: application/x-javascript
content-length: 6
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760be4565a8bb51b-OSL
X-Firefox-Spdy: h2
sync2.navdmp.com/sync?prtid=2&id=0&google_error=3
104.16.11.243 200 OK 6 B URL HTTP/2 sync2.navdmp.com/sync?prtid=2&id=0&google_error=3
IP 104.16.11.243:0
File type ASCII text, with no line terminators
Hash 78ee3bb2056dd0efade492fde18696fa
79bd43af2a36a7986088c0522e9a274a6030081a
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
GET /sync?prtid=2&id=0&google_error=3 HTTP/1.1
Host: sync2.navdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vaidevisago.siteprofissional.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:54 GMT
content-type: application/javascript
content-length: 6
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760be4567aacb51b-OSL
X-Firefox-Spdy: h2
cdncache-a.akamaihd.net/i/items/z7b85/js/z7b85.js
23.36.76.179 200 OK 8.9 kB URL HTTP/1.1 cdncache-a.akamaihd.net/i/items/z7b85/js/z7b85.js
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1284)
Hash ca9569a8484b19e07482d790392dd703
2d9cd7726159e4de718a9444b78ab73feac93444
5489d277d77881f0b8f972621a204fa8aaa8c8cf15700d67a16773f928d9a23f
GET /i/items/z7b85/js/z7b85.js HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0E9kM/H7bmU1nYVQPABseqyR05K4v6oV+giNoXlu/52gsXxMhCVX8AjbTY0XAbgobMChIwM2hts=
x-amz-request-id: FBSBRG63RZ6XKPQ1
Last-Modified: Wed, 13 Jul 2022 19:20:44 GMT
ETag: "eb9b9775077d93f7e1d610d47935b306"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 8907
Cache-Control: public, private, max-age=10495
Date: Thu, 27 Oct 2022 13:48:54 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
cdncache-a.akamaihd.net/i/items/za735/js/za735.js
23.36.76.179 200 OK 219 B URL HTTP/1.1 cdncache-a.akamaihd.net/i/items/za735/js/za735.js
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 050538e4aebe1172e96a41f3485fa1e9
21c2c9798e8c121653fa580467b3ef47d7912785
cd68b2d61ba5aecaf8a0ab74c7f46edf66b073c8c9712d697e1f9f7f8f633557
GET /i/items/za735/js/za735.js HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 9XbhT1Z7HT0yIO14FxKahusHPEyOXVgrXD6+Pokdok9DDa20rpTsI7jxo4Lz+iLHBk238X17RMY=
x-amz-request-id: ABFDBEEF1DB5C752
Last-Modified: Tue, 09 Jun 2020 18:49:45 GMT
ETag: "4cbb26eea68b9d1f4f620ddb5383fcb0"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 219
Cache-Control: public, private, max-age=7731
Date: Thu, 27 Oct 2022 13:48:54 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
cdncache-a.akamaihd.net/i/items/w978b/js/w978b.js
23.36.76.179 200 OK 3.3 kB URL HTTP/1.1 cdncache-a.akamaihd.net/i/items/w978b/js/w978b.js
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1125)
Hash 35c641dba2b53dd3b5a4eae505f49c07
ab075db8aa478e2cebf52f7d4d5c022c25e812e7
8c2be705f769e38f91e0d157152ed17887be2b8752c9e1b317bcd629be42bd99
GET /i/items/w978b/js/w978b.js HTTP/1.1
Host: cdncache-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3dm+n0XVbrrZMhUUuXvqZt0hSKkUrgtmpDeOOKPOFmbtC0qsshWiQ1/SZ5tsYlzLB2H6Slr9IH0=
x-amz-request-id: 1FD257AD416A71DE
Last-Modified: Thu, 10 Oct 2019 15:00:49 GMT
ETag: "a6297b59180ac8d4c20c2481cc103186"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 3264
Cache-Control: public, private, max-age=12339
Date: Thu, 27 Oct 2022 13:48:54 GMT
Connection: keep-alive
Vary: Accept-Encoding
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6171
Cache-Control: max-age=112742
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:54 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 21:07:56 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
eventping-a.akamaihd.net/s.gif?_&t=event&channel=0000-0000&m=2605&_cb=1666878533827
23.36.76.170 200 OK 4 B URL HTTP/1.1 eventping-a.akamaihd.net/s.gif?_&t=event&channel=0000-0000&m=2605&_cb=1666878533827
IP 23.36.76.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /s.gif?_&t=event&channel=0000-0000&m=2605&_cb=1666878533827 HTTP/1.1
Host: eventping-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 4
Expires: Thu, 27 Oct 2022 13:48:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 27 Oct 2022 13:48:54 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.6.1/fingerprint2.min.js
104.17.25.14 200 OK 9.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.6.1/fingerprint2.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32014)
Hash cd7c0f774999bae7facc8872be421b8a
6192a47d4823357a656397cf2940048c3e82edf4
202c88d77db0632bfbe4e78cfc1ccf1440fe4d2fde1a1405b5a667ded869f5c1
GET /ajax/libs/fingerprintjs2/1.6.1/fingerprint2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 9054
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5c-86e8"
last-modified: Mon, 04 May 2020 16:10:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2460434
expires: Tue, 17 Oct 2023 13:48:54 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 760be45aac8db509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eventping-a.akamaihd.net/s.gif?_&t=event&channel=0000-0000&m=2605&_cb=1666878533883
23.36.76.170 200 OK 4 B URL HTTP/1.1 eventping-a.akamaihd.net/s.gif?_&t=event&channel=0000-0000&m=2605&_cb=1666878533883
IP 23.36.76.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /s.gif?_&t=event&channel=0000-0000&m=2605&_cb=1666878533883 HTTP/1.1
Host: eventping-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 4
Expires: Thu, 27 Oct 2022 13:48:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 27 Oct 2022 13:48:54 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
canvasdp-a.akamaihd.net/s.gif?zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&lt=e&cachebreaker=1666878533
23.36.76.99 200 OK 0 B URL HTTP/1.1 canvasdp-a.akamaihd.net/s.gif?zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&lt=e&cachebreaker=1666878533
IP 23.36.76.99:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&lt=e&cachebreaker=1666878533 HTTP/1.1
Host: canvasdp-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PBhrJJYkKo48ELT33xMKCCqr5kIJDqRCUqtJ+58k9V+mYYH0s6rcYUyFFb1GJoZ6KX0HHFghFeM=
x-amz-request-id: 223A97A2A54A53F7
Last-Modified: Fri, 20 Jan 2017 15:27:08 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 0
Server: AmazonS3
Date: Thu, 27 Oct 2022 13:48:54 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2934
Cache-Control: max-age=109505
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 13:48:54 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 20:13:59 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ck=0&m=1
91.235.133.182 200 OK 81 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ck=0&m=1
IP 91.235.133.182:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ck=0&m=1 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ck=0&m=2
91.235.133.182 200 OK 81 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ck=0&m=2
IP 91.235.133.182:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ck=0&m=2 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
thm.visa.com/fp/check.js;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jb=373a262c6a716575374c696e757a266a736f354e696c777a246a7b62773d446b7265666f70266271603d4e637065646d7a253a38313837
91.235.133.182 200 OK 47 kB URL HTTP/1.1 thm.visa.com/fp/check.js;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jb=373a262c6a716575374c696e757a266a736f354e696c777a246a7b62773d446b7265666f70266271603d4e637065646d7a253a38313837
IP 91.235.133.182:0
File type ASCII text, with very long lines (6113)
Hash 6c2f5bb58aafb130f56a83acd708e594
3bd22279c3710f4cd2d02684495bad0cd5366b0f
ff7916064d61b30b93c68eaa367b3df4557b783f8d01a03a633afd0b514228ec
GET /fp/check.js;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jb=373a262c6a716575374c696e757a266a736f354e696c777a246a7b62773d446b7265666f70266271603d4e637065646d7a253a38313837 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: e5665d120f9905ec
Access-Control-Allow-Origin: *
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash d8fa2e24ecfa106a2fde54072f26cb3b
e8b19476bd31c474b807a00dd6fbe7406a250697
822ecf2e39c8aa94a71bb7a9118b2833e4f6f0750b306dc88b337cff19d49da3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134719
Date: Thu, 27 Oct 2022 13:48:55 GMT
Etag: "6359e21c-1d7"
Expires: Sat, 29 Oct 2022 03:14:14 GMT
Last-Modified: Thu, 27 Oct 2022 01:42:52 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GFVkcTr4Ox7zR45ZqF63tArANnsyWiEklhpwEFZkVjgjSNi478uYEw==
Age: 5483
s.yimg.com/wi/ytc.js
188.125.94.206 200 OK 19 kB IP 188.125.94.206:0
File type ASCII text, with very long lines (16810)
Hash 2552710f5f2f6ad2eb33a9f24f6d54dc
97ae3600f3f20aaa78be22a64e4d336dd2438b51
734e62053ec27fa17fa67f2506f7b8c4033874dd714381c44bef8aa3220dad5e
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ExlD5BKWjnsKAz2we3267HWXw2x34XNm1H6K/60MSS9EYV/Sa1SKDEqfxHTwa5Xb/5NyvKqAcwo=
x-amz-request-id: NCNGAW35ENPZYG1S
date: Thu, 27 Oct 2022 13:12:07 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2207
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jb=313e2666736337613e3365623460323135363e363332646033326964613761343263653969613f
91.235.133.182 204 No Content 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jb=313e2666736337613e3365623460323135363e363332646033326964613761343263653969613f
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jb=313e2666736337613e3365623460323135363e363332646033326964613761343263653969613f HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/javascript
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 2072e37be31e03ebee3d5538efe5acc0
a61cae073fdd67ef8c3ee58c2424a278a8854fc4
6ef2c21b5829fed6df243bbea33a803642e6359ce4303a0fb18be2588c936124
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120155
Date: Thu, 27 Oct 2022 13:48:55 GMT
Etag: "6359b0d2-1d7"
Expires: Fri, 28 Oct 2022 23:11:30 GMT
Last-Modified: Wed, 26 Oct 2022 22:12:34 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JWMkv7p02bvo9oUxbP0iSqFAw1SWh3B7IyRi749J41JqZ8pYvlHmgQ==
Age: 3536
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jd=373d262c6a64643d3d266a66683f386431623c35613a673432366d35336264356537326169316e3560383039676524686474663530323537303d
91.235.133.182 204 No Content 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jd=373d262c6a64643d3d266a66683f386431623c35613a673432366d35336264356537326169316e3560383039676524686474663530323537303d
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jd=373d262c6a64643d3d266a66683f386431623c35613a673432366d35336264356537326169316e3560383039676524686474663530323537303d HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
policy.cookiereports.com/07c47dab_panel-pt-br.js
34.107.253.133 200 OK 24 kB URL HTTP/2 policy.cookiereports.com/07c47dab_panel-pt-br.js
IP 34.107.253.133:0
Hash 8543f8043aa0fb3a1597d28318b58df4
5e03e716b7569a2448a22c76077265dd513e8b89
693b1e795fbb1aeac789b7f108ac96a8b7511c60d976e780c9561808065ae856
GET /07c47dab_panel-pt-br.js HTTP/1.1
Host: policy.cookiereports.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:53 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
cache-control: public,max-age=3600
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
thm.visa.com/fp/clear.png
91.235.133.182 204 No Content 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp/clear.png HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Referer: https://vaidevisago.siteprofissional.com/
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Headers: accept
Access-Control-Allow-Method: GET
Access-Control-Allow-Origin: https://vaidevisago.siteprofissional.com
Access-Control-Max-Age: 120
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 2db167fa90ac608471e80a6e33e95586
a7c37b836d5bc5dcc48ec5dea7a70c9993c4e8b6
12761fdb4454887c917fdea71f291da4cb6121b2e9d94ec6d1ae4d76edcb6cf0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 16:53:38 GMT
Expires: Tue, 01 Nov 2022 16:53:37 GMT
Etag: "a7c37b836d5bc5dcc48ec5dea7a70c9993c4e8b6"
Cache-Control: max-age=442481,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760be45cabf70b4d-OSL
thm.visa.com/fp/top_fp.html;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec
91.235.133.182 200 OK 14 kB URL HTTP/1.1 thm.visa.com/fp/top_fp.html;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec
IP 91.235.133.182:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 41f27bbf06f5261c4bdef71e59d1e139
c41bb14dbe9f76924d4a2c592cb432cd026e3a53
2381da83873539275e7b3ea719c30ca2411565f58a6e88529a3812e5f116db88
GET /fp/top_fp.html;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ja=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&jb=3339332c6c73374d657a696c6c632532463526322530322a556966646d77712732304e542d323833322e382f3142273032576166363c2731482f32327a3c3e2f314a2f32307a762739413138352e3a2b273238456f63696f273244303a3332303132332f3038466372676c6f722532463132352e30
91.235.133.182 204 204 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ja=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&jb=3339332c6c73374d657a696c6c632532463526322530322a556966646d77712732304e542d323833322e382f3142273032576166363c2731482f32327a3c3e2f314a2f32307a762739413138352e3a2b273238456f63696f273244303a3332303132332f3038466372676c6f722532463132352e30
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&ja=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&jb=3339332c6c73374d657a696c6c632532463526322530322a556966646d77712732304e542d323833322e382f3142273032576166363c2731482f32327a3c3e2f314a2f32307a762739413138352e3a2b273238456f63696f273244303a3332303132332f3038466372676c6f722532463132352e30 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
s.dcbap.com/?cb=J6vPC2mkAAX4&zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&systemid=dc11c47bca999c3031acccd32c0730f6&cachebreaker=1666878533
54.243.183.127 200 OK 95 B URL HTTP/1.1 s.dcbap.com/?cb=J6vPC2mkAAX4&zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&systemid=dc11c47bca999c3031acccd32c0730f6&cachebreaker=1666878533
IP 54.243.183.127:0
File type ASCII text, with no line terminators
Hash a849948c47d6255e6ea6eb60e238e948
e3c8db4d7448fdc8e422dcc7f42969678651c2da
b14ac7e801bf2dcb895a229befa17f1dde087dfbbb20126aaaa86c2ad791325f
GET /?cb=J6vPC2mkAAX4&zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&systemid=dc11c47bca999c3031acccd32c0730f6&cachebreaker=1666878533 HTTP/1.1
Host: s.dcbap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: openresty
Content-Length: 95
Connection: keep-alive
thm.visa.com/fp/clear.png
91.235.133.182 200 OK 81 B URL HTTP/1.1 thm.visa.com/fp/clear.png
IP 91.235.133.182:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*, ge4f5xfn/e5665d120f9905ecvme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 27 Oct 2022 13:48:55 GMT
Expires: Tue, 26 Oct 2027 13:48:55 GMT
Etag: 7b21f687bdd64f7dabb39517e81fee72
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://vaidevisago.siteprofissional.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
b.1p1eqpotato.com/ib/?p=1
35.170.21.18 200 OK 0 B URL HTTP/2 b.1p1eqpotato.com/ib/?p=1
IP 35.170.21.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /ib/?p=1 HTTP/1.1
Host: b.1p1eqpotato.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vaidevisago.siteprofissional.com/
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:55 GMT
content-type: text/plain;charset=utf-8
content-length: 0
access-control-allow-origin: https://vaidevisago.siteprofissional.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,X-Forwarded-For,X-Forwarded-Proto,If-Modified-Since,referer,Cache-Control,Content-Type,Range,Pragma,Accept,Accept-Encoding,Accept-Language
X-Firefox-Spdy: h2
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jf=313e2666736037646c3662356135623138336e3636313b3a60643a6167656363643561353c6338
91.235.133.182 204 No Content 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jf=313e2666736037646c3662356135623138336e3636313b3a60643a6167656363643561353c6338
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jf=313e2666736037646c3662356135623138336e3636313b3a60643a6167656363643561353c6338 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thm.visa.com/fp/ls_fp.html;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
ocsp.securetrust.com/
23.36.79.18 200 OK 638 B IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
Hash d8d3d02c40dad4c7c611dbb8a0ece2f4
96d214e5166469ea994aa13468448d1449e78402
d325f9462edde57b3395040d65147cab9202b88b57128ad497c05115f1fb2fa4
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Thu, 27 Oct 2022 13:48:55 GMT
Connection: keep-alive
qdatasales.com/scripts/Pt8cY8Qvgbs5.js?sid=89140080
167.99.54.244 200 OK 2.0 kB URL HTTP/1.1 qdatasales.com/scripts/Pt8cY8Qvgbs5.js?sid=89140080
IP 167.99.54.244:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (4201), with no line terminators
Hash 9e175b6a5eeaa4a7daf14b497da14401
be68b9e6f8623860f54f353602552220539026a6
b0c00b5183b6411475431ebae369c3109f7697b2abb4fbceda1513e1d82d3d6e
GET /scripts/Pt8cY8Qvgbs5.js?sid=89140080 HTTP/1.1
Host: qdatasales.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:55 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 12 Jul 2017 13:18:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uid=p2M29GNajEcodi30A/WQAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=qdatasales.com; path=/
Content-Encoding: gzip
ge4f5xfnvb2ek5ezmox23atut4yanb7hkr2tcvzje5665d120f9905ecam1.e.aa.online-metrix.net/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&di=yes
91.235.134.131 200 OK 81 B URL HTTP/1.1 ge4f5xfnvb2ek5ezmox23atut4yanb7hkr2tcvzje5665d120f9905ecam1.e.aa.online-metrix.net/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&di=yes
IP 91.235.134.131:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&di=yes HTTP/1.1
Host: ge4f5xfnvb2ek5ezmox23atut4yanb7hkr2tcvzje5665d120f9905ecam1.e.aa.online-metrix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
b.1p1eqpotato.com/ib/?p=1
35.170.21.18 204 No Content 0 B URL HTTP/2 b.1p1eqpotato.com/ib/?p=1
IP 35.170.21.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /ib/?p=1 HTTP/1.1
Host: b.1p1eqpotato.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 522
Origin: https://vaidevisago.siteprofissional.com
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 27 Oct 2022 13:48:55 GMT
access-control-allow-origin: https://vaidevisago.siteprofissional.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,X-Forwarded-For,X-Forwarded-Proto,If-Modified-Since,referer,Cache-Control,Content-Type,Range,Pragma,Accept,Accept-Encoding,Accept-Language
X-Firefox-Spdy: h2
pnt-a.akamaihd.net/s.gif?_&t=fpdau&ufp=7f193532908c96e4ecc4cc0b24ce9bac&zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&systemid=dc11c47bca999c3031acccd32c0730f6&cachebreaker=1666878533
23.36.76.193 204 No Content 0 B URL HTTP/1.1 pnt-a.akamaihd.net/s.gif?_&t=fpdau&ufp=7f193532908c96e4ecc4cc0b24ce9bac&zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&systemid=dc11c47bca999c3031acccd32c0730f6&cachebreaker=1666878533
IP 23.36.76.193:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?_&t=fpdau&ufp=7f193532908c96e4ecc4cc0b24ce9bac&zoneid=89140080&pid=2450&cid=NO&items=8c206-e6a00-i4c62-w978b-y7181-ybeb1-z7b85-za735&c=ZXh0PU5vdCUyMHNldCZjb2w9&ext=Not%20set&frt=1666878532&systemid=dc11c47bca999c3031acccd32c0730f6&cachebreaker=1666878533 HTTP/1.1
Host: pnt-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Expires: Thu, 27 Oct 2022 13:48:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 27 Oct 2022 13:48:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
thm.visa.com/fp/clear1.png;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jf=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
91.235.133.182 204 204 0 B URL HTTP/1.1 thm.visa.com/fp/clear1.png;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jf=3639362c736b6e5f786e643d7466725f52763e7b796a46703156475a35534d542673696457646976673d393c34363a353a353b3c267b6b66557e797267377d6f60326f63647b6124796964576b65733f31303d3b393033333236323538633a36343a616f316c303830333a363a3832613834343863653b663031323332373833363232323034323869666e3464396e686330356367376a6c666a3a306c6b633764323d3d35303330663e6130383035693066683a6162306432356633633766346b6764636237333b633f366c32333f636c6332386566636332306c67643b613637316b6637333460383966366c376c6666623c6f3531633036346e3e383032343e3a6367636e2c796b6c5573696f3d313a34353832323a343a6269613a653b38363666343332373031363b3861696268393539306e6639393634656139333a3a3766333a32366a3966366034656538623f64306130386c3a3032333232613e6b383035343f6b3431633e3a3a603c6833343135633837613b3766686467613f663d363164313835353e3335643264663e63383369346738393b3936346424736966723532
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear1.png;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jf=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 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=95
qdatasales.com/?events=W1siaHR0cHMlM0ElMkYlMkZ2YWlkZXZpc2Fnby5zaXRlcHJvZmlzc2lvbmFsLmNvbSUyRmV0YXBhMy5waHAlM0YyNy5PY3QuMjAyMi4wMC40MS4wNSIsMTY2Njg3ODUzNDQ4MywxNjY2ODc4NTM0NDgzLDIwMF1d&referrer=&type=stats&version=1.1.8&sourceId=Pt8cY8Qvgbs5%3Fsid%3D89140080
167.99.54.244 200 OK 0 B URL HTTP/1.1 qdatasales.com/?events=W1siaHR0cHMlM0ElMkYlMkZ2YWlkZXZpc2Fnby5zaXRlcHJvZmlzc2lvbmFsLmNvbSUyRmV0YXBhMy5waHAlM0YyNy5PY3QuMjAyMi4wMC40MS4wNSIsMTY2Njg3ODUzNDQ4MywxNjY2ODc4NTM0NDgzLDIwMF1d&referrer=&type=stats&version=1.1.8&sourceId=Pt8cY8Qvgbs5%3Fsid%3D89140080
IP 167.99.54.244:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?events=W1siaHR0cHMlM0ElMkYlMkZ2YWlkZXZpc2Fnby5zaXRlcHJvZmlzc2lvbmFsLmNvbSUyRmV0YXBhMy5waHAlM0YyNy5PY3QuMjAyMi4wMC40MS4wNSIsMTY2Njg3ODUzNDQ4MywxNjY2ODc4NTM0NDgzLDIwMF1d&referrer=&type=stats&version=1.1.8&sourceId=Pt8cY8Qvgbs5%3Fsid%3D89140080 HTTP/1.1
Host: qdatasales.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:55 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
qdatasales.com/?events=W1siaHR0cHMlM0ElMkYlMkZ2YWlkZXZpc2Fnby5zaXRlcHJvZmlzc2lvbmFsLmNvbSUyRmV0YXBhMy5waHAlM0YyNy5PY3QuMjAyMi4wMC40MS4wNSIsMTY2Njg3ODUzNDQ5NywxNjY2ODc4NTM0NDk3LDIwMF1d&referrer=&type=stats&version=1.1.8&sourceId=Pt8cY8Qvgbs5%3Fsid%3D89140080
167.99.54.244 200 OK 0 B URL HTTP/1.1 qdatasales.com/?events=W1siaHR0cHMlM0ElMkYlMkZ2YWlkZXZpc2Fnby5zaXRlcHJvZmlzc2lvbmFsLmNvbSUyRmV0YXBhMy5waHAlM0YyNy5PY3QuMjAyMi4wMC40MS4wNSIsMTY2Njg3ODUzNDQ5NywxNjY2ODc4NTM0NDk3LDIwMF1d&referrer=&type=stats&version=1.1.8&sourceId=Pt8cY8Qvgbs5%3Fsid%3D89140080
IP 167.99.54.244:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?events=W1siaHR0cHMlM0ElMkYlMkZ2YWlkZXZpc2Fnby5zaXRlcHJvZmlzc2lvbmFsLmNvbSUyRmV0YXBhMy5waHAlM0YyNy5PY3QuMjAyMi4wMC40MS4wNSIsMTY2Njg3ODUzNDQ5NywxNjY2ODc4NTM0NDk3LDIwMF1d&referrer=&type=stats&version=1.1.8&sourceId=Pt8cY8Qvgbs5%3Fsid%3D89140080 HTTP/1.1
Host: qdatasales.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Oct 2022 13:48:55 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jac=1&je=333a312c2672673d646f26617566683d64663d36623736323a303d3561643767623630396b636d6661613d3c3532346761353938366b343a3f3c323a616f336e32313d39363e33333e30323b31646e3024657031376464363a656435683235383863643e603f396c623a6c626f6265653364356161636b66333b343632
91.235.133.182 204 No Content 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jac=1&je=333a312c2672673d646f26617566683d64663d36623736323a303d3561643767623630396b636d6661613d3c3532346761353938366b343a3f3c323a616f336e32313d39363e33333e30323b31646e3024657031376464363a656435683235383863643e603f396c623a6c626f6265653364356161636b66333b343632
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jac=1&je=333a312c2672673d646f26617566683d64663d36623736323a303d3561643767623630396b636d6661613d3c3532346761353938366b343a3f3c323a616f336e32313d39363e33333e30323b31646e3024657031376464363a656435683235383863643e603f396c623a6c626f6265653364356161636b66333b343632 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 27 Oct 2022 13:48:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: text/javascript
canvaspl-a.akamaihd.net/s.gif?t=pl&d=Y2lkPU5PJml0ZW1zPThjMjA2LWU2YTAwLWk0YzYyLXc5NzhiLXliZWIxLXphNzM1JmZydD0xNjY2ODc4NTMyJndzPTEyODB4OTM5JmNvbD04OTE0MDA4MF8yNDUwJmx0PWUmaWQ9YTgyZDcxNjA1MjQ5NDkyYTk3YzY2NTliMzc1MDI4NjcmcmVmPQ%3D%3D&u=https%3A%2F%2Fvaidevisago.siteprofissional.com%2Fetapa3.php
23.36.76.185 200 OK 0 B URL HTTP/1.1 canvaspl-a.akamaihd.net/s.gif?t=pl&d=Y2lkPU5PJml0ZW1zPThjMjA2LWU2YTAwLWk0YzYyLXc5NzhiLXliZWIxLXphNzM1JmZydD0xNjY2ODc4NTMyJndzPTEyODB4OTM5JmNvbD04OTE0MDA4MF8yNDUwJmx0PWUmaWQ9YTgyZDcxNjA1MjQ5NDkyYTk3YzY2NTliMzc1MDI4NjcmcmVmPQ%3D%3D&u=https%3A%2F%2Fvaidevisago.siteprofissional.com%2Fetapa3.php
IP 23.36.76.185:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?t=pl&d=Y2lkPU5PJml0ZW1zPThjMjA2LWU2YTAwLWk0YzYyLXc5NzhiLXliZWIxLXphNzM1JmZydD0xNjY2ODc4NTMyJndzPTEyODB4OTM5JmNvbD04OTE0MDA4MF8yNDUwJmx0PWUmaWQ9YTgyZDcxNjA1MjQ5NDkyYTk3YzY2NTliMzc1MDI4NjcmcmVmPQ%3D%3D&u=https%3A%2F%2Fvaidevisago.siteprofissional.com%2Fetapa3.php HTTP/1.1
Host: canvaspl-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PBhrJJYkKo48ELT33xMKCCqr5kIJDqRCUqtJ+58k9V+mYYH0s6rcYUyFFb1GJoZ6KX0HHFghFeM=
x-amz-request-id: 223A97A2A54A53F7
Last-Modified: Fri, 20 Jan 2017 15:27:08 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 0
Server: AmazonS3
Date: Thu, 27 Oct 2022 13:48:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jac=1&je=303d262c776b673d7d65627274615f696e746d706e636e5d6f646673
91.235.133.182 204 No Content 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jac=1&je=303d262c776b673d7d65627274615f696e746d706e636e5d6f646673
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec&jac=1&je=303d262c776b673d7d65627274615f696e746d706e636e5d6f646673 HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 27 Oct 2022 13:48:59 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/javascript
thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec
91.235.133.182 204 No Content 0 B URL HTTP/1.1 thm.visa.com/fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec
IP 91.235.133.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp/clear.png?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec HTTP/1.1
Host: thm.visa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://thm.visa.com
Connection: keep-alive
Referer: https://thm.visa.com/fp/top_fp.html;CIS3SID=77381C07158484FF308EBA4D3E89D114?org_id=ge4f5xfn&session_id=vme_prod_001qrqtuaxf42rgvpxu70vru5ptxths2axjs5vcgpx9umbcjn0rwkknsln41hafo158aeobwpi3ndb1c1ww_gbpd2gn&nonce=e5665d120f9905ec
Cookie: thx_guid=905b1e96f1c748492edce42dd56dea54
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Thu, 27 Oct 2022 13:48:59 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://thm.visa.com
Content-Type: text/javascript
usr.navdmp.com/usr?v=8&acc=32949&upd=1&new=1&wct=1&dsy=0
104.16.11.243 200 OK 0 B URL HTTP/2 usr.navdmp.com/usr?v=8&acc=32949&upd=1&new=1&wct=1&dsy=0
IP 104.16.11.243:0
GET /usr?v=8&acc=32949&upd=1&new=1&wct=1&dsy=0 HTTP/1.1
Host: usr.navdmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vaidevisago.siteprofissional.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 13:48:53 GMT
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: nid=11a1e10318b87b9a672218302010|0|327; Domain=.navdmp.com; expires=Wed, 16 Oct 2024 13:52:11 GMT; Path=/; SameSite=None; Secure
expires: Thu, 27 Oct 2022 14:48:53 GMT
cache-control: max-age=3600
act: f0
pragma: public
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760be4515b79b51b-OSL
X-Firefox-Spdy: h2