firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 20:13:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NX9bPdkoH1am0laVtsCLIeO04eglRTFU1eBLMzUsVPb3Ph55q5kjnw==
Age: 2411
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6369
Expires: Tue, 20 Sep 2022 22:39:34 GMT
Date: Tue, 20 Sep 2022 20:53:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sTRKeVKreJ2w_vMLIV2yGB9ftRmU3p0GB8UO_Ck4H3pVxWqqpCLfmA==
age: 58692
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 20:03:22 GMT
Expires: Tue, 20 Sep 2022 20:31:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1LJ8_qzrG3dl6O9yjcrk5IU8upARt0LkHwpi48k-yuUwMCT7salcqw==
Age: 3004
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:26 GMT
Last-Modified: Tue, 20 Sep 2022 19:21:16 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.196.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.196.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ukD1VccgfrOKzRDR8LagYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fVUqEBGUpHUyIYNFtHviRma9lKQ=
www.oitocreditoimobiliario.com.br/
177.55.121.37301 Moved Permanently 0 B URL HTTP/1.1 www.oitocreditoimobiliario.com.br/
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Sep 2022 20:53:25 GMT
Server: Umbler
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://www.oitocreditoimobiliario.com.br/
Cache-Control: max-age=86400
Expires: Wed, 21 Sep 2022 20:53:25 GMT
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2578
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:53:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2578
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:53:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2578
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:53:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2578
Expires: Tue, 20 Sep 2022 21:36:25 GMT
Date: Tue, 20 Sep 2022 20:53:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 81982
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 80997
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 82231
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 65230
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 82254
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 83003
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c592fdafb92f3ae04d5d81abc63f3bd6
42202ab0138567b46ea1913e75fda1bcf3361015
e2cddc4f6e4a0b1aa18c85352e598561ade82c6ac8c17bc17d005095b8321bc3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CDDC4F6E4A0B1AA18C85352E598561ADE82C6AC8C17BC17D005095B8321BC3"
Last-Modified: Sun, 18 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Sep 2022 02:53:28 GMT
Date: Tue, 20 Sep 2022 20:53:28 GMT
Connection: keep-alive
www.oitocreditoimobiliario.com.br/
177.55.121.37301 Moved Permanently 0 B URL HTTP/2 www.oitocreditoimobiliario.com.br/
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-redirect-by: WordPress
location: https://oitocreditoimobiliario.com.br/
cache-control: max-age=86400
expires: Wed, 21 Sep 2022 20:53:28 GMT
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 20:53:28 GMT
server: Umbler
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oitocreditoimobiliario.com.br/
177.55.121.37200 OK 52 kB URL HTTP/2 oitocreditoimobiliario.com.br/
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28768)
Hash 9937f8ca6e8727d3a78b3a129a2cf8e4
67bcbbc656a8e16d9610a7056ed17129de8bec37
09b175ec0d0babd6043c9b8a0eb6dab30068386acd30e14bb0ddd32caa188a19
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Wed, 21 Sep 2022 20:53:29 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: none
content-length: 51953
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 20:53:29 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/30dwlvsz/2pex3.css
177.55.121.37200 OK 3.9 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/30dwlvsz/2pex3.css
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (19538), with no line terminators
Hash e21efbf3dd1edba7ae86ec242e8f9bc9
206cd62a6cb6f105e05188c9e4c04f68fe257311
193e36db183fb2471b558e00feef819cdfadea8f4a881be8089a94c71d7209cb
GET /wp-content/cache/wpfc-minified/30dwlvsz/2pex3.css HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:11:27 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 3873
content-type: text/css
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/6wtnqene/2pex3.css
177.55.121.37200 OK 20 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/6wtnqene/2pex3.css
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8c263dcd9d948709d5f7d44b7fce5d50
b6609ebbe2d17cdf06b221591dc689418c08916f
dcaa4420589d83a4ea62df3538f8839a9a6ad53d8a1f14d57bdd9773caea974b
GET /wp-content/cache/wpfc-minified/6wtnqene/2pex3.css HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:11:27 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 19654
content-type: text/css
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bd71931940eaea6d7e89efaa361086c1
ff617dd466416a7823839f962c2709c953a84526
77adae71a66a99a873ee103a8848f9e0cff6eee78187f6259b0dd61d4113a919
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:53:30 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DceHfNCsR8ahb4CNnjHq9_Qiru0p0Iof1eF22d5jaB-w4_H24ORCTA==
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bd71931940eaea6d7e89efaa361086c1
ff617dd466416a7823839f962c2709c953a84526
77adae71a66a99a873ee103a8848f9e0cff6eee78187f6259b0dd61d4113a919
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:53:30 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oUY7rpPIWjX77K-CvYhjxgoGb2cphKUVTvvMaMBfyumorfoBt6w9gg==
fonts.googleapis.com/css?family=Montserrat%3A1%2C400%2C400italic%2C500%2C700%2C700italic%2C800%2C900&ver=5.9.3
142.250.74.10200 OK 13 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A1%2C400%2C400italic%2C500%2C700%2C700italic%2C800%2C900&ver=5.9.3
IP 142.250.74.10:0
File type ASCII text, with very long lines (54224)
Hash 56eae0ad52231bed12ebaf0d9945cdd4
4a732309425942b5c697e3cfde95f4879834e3ac
fd46d5abacd97b26229f4d46b24045613b89d08020e5cb7d48f11ddc312ace2c
GET /css?family=Montserrat%3A1%2C400%2C400italic%2C500%2C700%2C700italic%2C800%2C900&ver=5.9.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:53:30 GMT
date: Tue, 20 Sep 2022 20:53:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/243n8go9/2pe81.js
177.55.121.37200 OK 2.9 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/243n8go9/2pe81.js
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (1022)
Hash 4bf114b77dc70e8807c1764a31bb2726
9d3593e2092400fd2d1ce88bc91de3efb50f5890
c5d89892e7cb21fe4db9b33df2cf932d639f1556578a797389c22f5d9804460a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wpfc-minified/243n8go9/2pe81.js HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:07:15 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 2870
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/7bp890qu/2pe80.js
177.55.121.37200 OK 8.2 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/7bp890qu/2pe80.js
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
Hash a1256a90302f33e79f5cd7b75f342ce5
c56b39c701a184b59841d5ca5117ce250c9611cb
7de1150afa1b690bef493d38930429c72eab75a1681e9fb7b403685a4687066b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wpfc-minified/7bp890qu/2pe80.js HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:07:14 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 8189
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/9ldtb446/2pexj.css
177.55.121.37200 OK 17 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/9ldtb446/2pexj.css
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (65536), with no line terminators
Hash a5e3fd3006e446e4072da2db48144ed1
b37334738068db83d55dfc70786f8c99c63e9cd4
dfb0c4fec40e85bd970f9431dae884e390c4e54f43cf6f62d7149504d42065ee
GET /wp-content/cache/wpfc-minified/9ldtb446/2pexj.css HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:11:33 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 16913
content-type: text/css
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
177.55.121.37200 OK 3.3 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash c017689025daab3dabf84b7fd7a360cc
1cfac15bb496b5fd22d0d52db76de4d64a0be4b2
afa970894fb49ec85a8e8d15625b23eecb35d49d4e1b65b67dbce204be0bda24
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Feb 2022 16:17:16 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 3284
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/mp0gib0g/2pex3.css
177.55.121.37200 OK 21 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/mp0gib0g/2pex3.css
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (65536), with no line terminators
Hash aea4898e720d9aa36d8b8fcb4094b7da
5dc2eb92d970f06589812dcf6a7bed48366a5e76
c3540ce35381dcdbafb60feedadcaf00a1c4ff2c3a1310fe1ab8b64d8f3d9027
GET /wp-content/cache/wpfc-minified/mp0gib0g/2pex3.css HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:11:27 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 20639
content-type: text/css
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1661775139
177.55.121.37200 OK 15 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1661775139
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (55896), with no line terminators
Hash b6604a3f81ac7419bbdda6954fefb5a6
4ee6bb7b1a674b71660c8a86a95974493b28fbed
a39ea70838c3e4853546f84520dc543d2643ae0440c2682c9ba61ba5dee69fb1
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1661775139 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Sep 2022 01:45:37 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 14774
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.0.5
177.55.121.37200 OK 4.2 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.0.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (14869)
Hash 52cfd73338650d4827a5f9b1a2a97391
0b5c907ec31632984a68926888af9c351cfcf6b5
db7a32aaa5b0afaabf69a2b58c5103f23ed30095804c41f1f02bccf10178026d
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.0.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:06:47 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 4178
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.0.5
177.55.121.37200 OK 622 B URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.0.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (1723)
Hash 29f8ed0dbfbc2322a1f1d728793f32fa
ae645b069f9c842aa463395a02e64d4537b7c130
c7d83503cd56f991c416178516fe38567c4f8672d22e031817484714e679505e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=21.0.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 22:30:30 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 622
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.0.5
177.55.121.37200 OK 1.5 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.0.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
Hash 5258697ed60ffa0e40e7cc5f32bdfce3
3eae95bc27bc3b5b857893c71e03f04ddb42729b
1f34584d0620e7059f5dd1b99e2f080c6db213b8b24206bff8c95d00adb74350
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=21.0.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 22:30:30 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 1498
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 4.8 kB URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash 072bb2049e9a901fd60e9535d0e34bac
13e928fa1f62131b578aff71aae96cf7ab7bca70
613369b1732e7591fde2c62ab14f02879e1f71114808c93f53d4e05e5ea85b69
GET /c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.0.5
177.55.121.37200 OK 13 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.0.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (634)
Hash bd374f365817b037bf6eb6bfb36e0814
d3e5f9a5ff99a22eb0f813bc026376d312fff904
9cde30674c93181be91daae91a1ca56d0f4af1a766169acbff70faafa8959c64
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=21.0.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 22:30:30 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 12627
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/unlimited-elements-for-elementor/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.5.0
177.55.121.37200 OK 12 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/unlimited-elements-for-elementor/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.5.0
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (44959)
Hash ed7be794052e82f948b411b629585e20
b9e89b353f52856d6a781c65fdd9e1a921cc1e17
6d1edce8282df572c5c6a9e2c169edc157d8475c76a5286ce2c52ff0bd4e922d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/unlimited-elements-for-elementor/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.5.0 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Feb 2022 22:17:04 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 11610
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/themes/betheme/js/scripts.js?ver=21.0.5
177.55.121.37200 OK 14 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/themes/betheme/js/scripts.js?ver=21.0.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
Hash 7db0f01ffb4405d0c023ba171205f910
11b725d9a87356636136dabc951a8d63a04a232c
e33cd8f985059c3d249d9f3ac5c06023d3f5194a606aa4e6f9aae9ec5fac7c71
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/scripts.js?ver=21.0.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 22:30:30 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 13830
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5
177.55.121.37200 OK 4.6 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (14238)
Hash e01be42441ba28e9909f21a1a708be34
04b805cf1b77de520c77a960ba66a38bcbb11d98
aac9259f69752b5e64e7d8c9331671fad9ff683dbfe0bac8056074cc4f85e384
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:06:47 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 4613
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:31 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5
177.55.121.37200 OK 2.2 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (4921)
Hash 11adc264247bd13b2928d7a9fbfb878e
fd3c513840a25f91ce969f06196a7c355a2189f0
5b7f89511345ff8cad27d848c86e37f04a4ee4f1346e2c1f932cfd5683128ffc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.5 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:06:47 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 2195
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:31 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
177.55.121.37200 OK 3.0 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (12198), with no line terminators
Hash dceed141ce93f206eca963c22e1deacf
ac2a9d2441b756845ebac12797822bb6cf62b274
f57cec207bc90dbe9269a675148a52aca7bf697ca5ac9f531c7c36d6044363d4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:06:47 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 2994
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:31 GMT
server: Umbler
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W54XZ9X
142.250.74.72200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W54XZ9X
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 5762cc57414423b71702c4e955591589
9a2c620de5b7634573a805e6a8d13dd57830d691
0fc78ff419a8b68995112449b84fcadcd36133cda87774650f7ecfdcde4006f2
GET /gtm.js?id=GTM-W54XZ9X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 20:53:31 GMT
expires: Tue, 20 Sep 2022 20:53:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 19:54:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49779
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 17 kB URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (39791)
Hash 6f31288a0db3a95ca367e8a22064c6f2
f186bb47213fb25489e9aab7511301393e7960c8
738f0b5c8d6900b987650cab6284f1e4673fed6c03283052363539d00c28ea78
GET /c/5.9.3/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 6.6 kB URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash a3a3a9b76370b0bcf9fdca7a81d59dae
31aa54f90f59df1e07e451e39daffa253f86936b
7a4d8dfd73f4d80b618d38e9ada82da6a826fccb32ec1aaf4b80b0ac393a261d
GET /c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oitocreditoimobiliario.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 447193
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js
192.0.77.37200 OK 2.8 kB URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (6494), with no line terminators
Hash 59893160363a9fd4e0ef58fd61adf94d
b27f1bfb6114be64c340400d5b02fa5dd38afd43
c83ea529dfde275362d0b98554c30b87d948dd0d8f6be9a3858a897108cddf70
GET /c/5.9.3/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/02/Celular-home.png?w=1000&ssl=1
192.0.77.2200 OK 32 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/02/Celular-home.png?w=1000&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fe9db21582bcc8009d90e5b23841812b
1014836ea66531fbf6080ebdfaffa4f2e225992b
688a19ba1aaa718bc0a6eb6b2cabdd43f68d93ca90aa24842b2bc0080b788b20
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2022/02/Celular-home.png?w=1000&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:31 GMT
content-type: image/webp
content-length: 32290
last-modified: Tue, 20 Sep 2022 20:53:31 GMT
expires: Fri, 20 Sep 2024 08:53:31 GMT
cache-control: public, max-age=63115200
link: <https://oitocreditoimobiliario.com.br/wp-content/uploads/2022/02/Celular-home.png>; rel="canonical"
x-content-type-options: nosniff
etag: "598a3cedc41f2e50"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=203200011&post=2727&tz=-3&srv=oitocreditoimobiliario.com.br&host=oitocreditoimobiliario.com.br&ref=&fcp=6177&rand=0.7965069557113259
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=203200011&post=2727&tz=-3&srv=oitocreditoimobiliario.com.br&host=oitocreditoimobiliario.com.br&ref=&fcp=6177&rand=0.7965069557113259
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.6&blog=203200011&post=2727&tz=-3&srv=oitocreditoimobiliario.com.br&host=oitocreditoimobiliario.com.br&ref=&fcp=6177&rand=0.7965069557113259 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:31 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
192.0.77.2200 OK 18 kB URL HTTP/2 i1.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f8e91dc1829427d522bd31c272d3a5f8
96b7691b1c417363009bed02c952d569feb1fbaf
934bd07ca5120cca66a8cdd7a2b063e06df8c04255637ecb136573572ebd0901
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:31 GMT
content-type: image/webp
content-length: 17998
last-modified: Tue, 20 Sep 2022 20:53:31 GMT
expires: Fri, 20 Sep 2024 08:53:31 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png>; rel="canonical"
x-content-type-options: nosniff
etag: "20f71bdc92d7ab4a"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
192.0.77.2200 OK 18 kB URL HTTP/2 i2.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f8e91dc1829427d522bd31c272d3a5f8
96b7691b1c417363009bed02c952d569feb1fbaf
934bd07ca5120cca66a8cdd7a2b063e06df8c04255637ecb136573572ebd0901
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:31 GMT
content-type: image/webp
content-length: 17998
last-modified: Tue, 20 Sep 2022 20:53:31 GMT
expires: Fri, 20 Sep 2024 08:53:31 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png>; rel="canonical"
x-content-type-options: nosniff
etag: "20f71bdc92d7ab4a"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i3.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
192.0.77.2200 OK 18 kB URL HTTP/2 i3.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f8e91dc1829427d522bd31c272d3a5f8
96b7691b1c417363009bed02c952d569feb1fbaf
934bd07ca5120cca66a8cdd7a2b063e06df8c04255637ecb136573572ebd0901
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png HTTP/1.1
Host: i3.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:31 GMT
content-type: image/webp
content-length: 17998
last-modified: Tue, 20 Sep 2022 20:53:31 GMT
expires: Fri, 20 Sep 2024 08:53:31 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png>; rel="canonical"
x-content-type-options: nosniff
etag: "20f71bdc92d7ab4a"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
192.0.77.2200 OK 18 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f8e91dc1829427d522bd31c272d3a5f8
96b7691b1c417363009bed02c952d569feb1fbaf
934bd07ca5120cca66a8cdd7a2b063e06df8c04255637ecb136573572ebd0901
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:31 GMT
content-type: image/webp
content-length: 17998
last-modified: Tue, 20 Sep 2022 20:53:31 GMT
expires: Fri, 20 Sep 2024 08:53:31 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2020/06/logo-OITO.png>; rel="canonical"
x-content-type-options: nosniff
etag: "20f71bdc92d7ab4a"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
177.55.121.37200 OK 13 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/mp0gib0g/2pex3.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:06:47 GMT
accept-ranges: bytes
content-length: 13276
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-type: application/font-woff2
date: Tue, 20 Sep 2022 20:53:31 GMT
server: Umbler
X-Firefox-Spdy: h2
stats.wp.com/e-202235.js
192.0.76.3200 OK 81 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 07823d7b72389da58052a4feb49c2c0b
1684492c765af865b45993675c664b0fab8a8d4b
06c287155e7696f8ebdc1ad8fcbccc660f15eb9e6184732b15a5d75a3858828e
GET /e-202235.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 21 Aug 2023 04:16:22 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-5.jpg?fit=300%2C200&ssl=1
192.0.77.2200 OK 4.4 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-5.jpg?fit=300%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0470602612a43bb8a59c37aca819c340
39ea991009520f09fb5f238ef04305a0dcfc600a
c87042b2443bc542fdd78625c6aca24a5b3ff2bb240589d9c6c95ef9b844ae8a
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-5.jpg?fit=300%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 4366
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <https://oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-5.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4aa069ea00257b63"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/10.6/_inc/build/photon/photon.min.js
192.0.77.37200 OK 77 kB URL HTTP/2 c0.wp.com/p/jetpack/10.6/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (685), with no line terminators
Hash 35fd1a905cfb523d2c3c05e561863945
53593097113c7e8c158e273fe08541a6c93e2d22
c422749d73fc90e001be16b83e458970e953957b35544939ec1c53d7f7becbff
GET /p/jetpack/10.6/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/themes/betheme/fonts/mfn-icons.woff?93978679
177.55.121.37200 OK 81 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/themes/betheme/fonts/mfn-icons.woff?93978679
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type Web Open Font Format, TrueType, length 81012, version 1.0\012- data
Hash ddef8e5d5ade8082730b2f85ffd0d069
40616a712428f21df7a02089b403cee26cab9017
a7394aa489117966925428adf2285efbb983045673314c585c1190b78b1f2afb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/fonts/mfn-icons.woff?93978679 HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/mo8rtdfx/2pe7x.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 22:30:30 GMT
accept-ranges: bytes
content-length: 81012
cache-control: max-age=0
expires: max-age=A10368000, public
vary: Accept-Encoding
content-type: x-font/woff
date: Tue, 20 Sep 2022 20:53:31 GMT
server: Umbler
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
177.55.121.37200 OK 662 B URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
File type ASCII text, with very long lines (1316)
Hash 7c65d84c05a704f5e8449fb11d0eb150
f363f08822a21f80f1a705b4ec5f14db52192880
d706417d23508bf41b6cdb3ba53643b84e49c2bf8302236bb5175c91b8babc2c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.289ae80d76f0c5abea44.bundle.min.js HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:06:47 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-length: 662
content-type: application/javascript
date: Tue, 20 Sep 2022 20:53:32 GMT
server: Umbler
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-03.png?fit=800%2C500&ssl=1
192.0.77.2200 OK 38 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-03.png?fit=800%2C500&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ff028aa8cb70e01e4e49ea5153730422
a65623b1170490556fe02cdc3338f8aff550a7f2
8dc6887b5f2a4d060f59376a9711a5d3b9c28fca9d8fbd8b89e796cd493d72f9
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-03.png?fit=800%2C500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 37570
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <https://oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-03.png>; rel="canonical"
x-content-type-options: nosniff
etag: "640298cb96deeecd"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-3.jpg?fit=300%2C200&ssl=1
192.0.77.2200 OK 12 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-3.jpg?fit=300%2C200&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 51bf3ae9a1742e8ed81ee46a4676baa5
c26f3dc14151c2805e039588256d3e2d8be21dbd
3a8edd0941cde48034b2291f16b740c033667a1a2d58867412e53b04060cc6a8
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-3.jpg?fit=300%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 11772
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <https://oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/namidia-3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "634c7a317f451728"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-04.png?fit=800%2C500&ssl=1
192.0.77.2200 OK 384 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-04.png?fit=800%2C500&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 384 kB (383478 bytes)
Hash 9a61abf88968d4d5a5468053c2a79102
69c0a33ce7727f17630456d51190e32951089d4c
becd876d19315bd78ea320a1280e0485dbff6dd6300c3b881a10fa77c30c4c55
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-04.png?fit=800%2C500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 383478
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <https://oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-04.png>; rel="canonical"
x-content-type-options: nosniff
etag: "f2cc90c97895a6a4"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-05.png?fit=800%2C500&ssl=1
192.0.77.2200 OK 396 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-05.png?fit=800%2C500&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 396 kB (395992 bytes)
Hash 534a25ec65de40466523990155662de3
428912e442c5d9cdf43dd6b4983a83c48aac618e
9eed25e09273cc68fd427bffa7b80a0c6d6dcdb8d1c328003846e064de6baa69
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-05.png?fit=800%2C500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 395992
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <https://oitocreditoimobiliario.com.br/wp-content/uploads/2021/04/Oito-Responsabilidade-Social-05.png>; rel="canonical"
x-content-type-options: nosniff
etag: "3415277d7eba7fe3"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i3.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-3-opt.jpg
192.0.77.2200 OK 52 kB URL HTTP/2 i3.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-3-opt.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 94677f3c9fd5aee9dd35d85f16434b5d
8c25aaa775073719cfd9bbdcb301ea0f7fd327a0
db25823da573836187cb3613e23522aa4bc6415db08b9be5ace853e787a2269b
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-3-opt.jpg HTTP/1.1
Host: i3.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 52286
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-3-opt.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e684346b2bd5bcf4"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-2-opt-1.jpg
192.0.77.2200 OK 75 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-2-opt-1.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7630e4449f25dbe547e9a69b25e0792c
76022a853e03df13e81b3c743efc7f74f2762eb5
22bff9eebc116a80a8d25e5379060beee301460c9a1be46b2a2cfd8b5d13e980
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-2-opt-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 74960
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-2-opt-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7132c71f5d559d27"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-1-opt.jpg
192.0.77.2200 OK 52 kB URL HTTP/2 i0.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-1-opt.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 13ba9a053b460056fce53954b38ddb37
96ad891e48b73f2a52100089fdcc72cbe2ba2838
9301d2f7998f9f6ece1abc7e113381f311ee9dc5453d3ddec87f5d0acd97ca9e
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-1-opt.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 52522
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-1-opt.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8b1106247ad8bd6c"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:32 GMT
Last-Modified: Tue, 20 Sep 2022 19:03:55 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: GpufZCRF37LDVwcCGoW8ApGwL9Qy/QQHwggg8K8wlZHKl+eh22iHL33vTdV7MwdkaOxrn9uK9BuGBt+vMYHFyA==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Tue, 20 Sep 2022 20:53:32 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i2.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-4-opt.jpg
192.0.77.2200 OK 46 kB URL HTTP/2 i2.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-4-opt.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63755790db82eccb5f148648ad56279d
d28e60428a78e66e603088f6c5fc8a527d3be838
ed6d88565a9b610914b768de3960c1b4970e52c4ffd0d68bc7168faacaba7113
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-4-opt.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:32 GMT
content-type: image/webp
content-length: 45640
last-modified: Tue, 20 Sep 2022 20:53:32 GMT
expires: Fri, 20 Sep 2024 08:53:32 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/HOME-acordeao-4-opt.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d012b0c3c67e79f5"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:32 GMT
Last-Modified: Tue, 20 Sep 2022 19:03:55 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.youtube.com/s/player/7577aaa2/www-widgetapi.vflset/www-widgetapi.js
216.58.207.238200 OK 54 kB URL HTTP/2 www.youtube.com/s/player/7577aaa2/www-widgetapi.vflset/www-widgetapi.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (717)
Hash 80b4b97e686ee273a3c35efed728ff4f
b70780183375fb301fde205984ad76990898944a
7e069356134f0a7e279ab1a5fe026bfbf0742d79e6ea62bd411ec9f94232e70a
GET /s/player/7577aaa2/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 53514
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 14:54:16 GMT
expires: Tue, 19 Sep 2023 14:54:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 00:17:08 GMT
content-type: text/javascript
age: 107956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/iframe_api
216.58.207.238200 OK 78 kB URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.207.238:0
File type ASCII text, with very long lines (509)
Hash 8b49c7811d07853204ac670bd4cb4a21
1e694f0e84ea1362097ed3e731fb11db38f25e12
5f73e5f611b3abf7be964df3a44a0fad64bc63f9c907fd4684b6af5033d5c009
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 20 Sep 2022 20:53:32 GMT
date: Tue, 20 Sep 2022 20:53:32 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=V7HEgN6t5fQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=EpLQM16jAoE; Domain=.youtube.com; Expires=Sun, 19-Mar-2023 20:53:32 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+782; expires=Thu, 19-Sep-2024 20:53:32 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 289295
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/imagem-fachada.webp
177.55.121.37200 OK 315 kB URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/uploads/2022/04/imagem-fachada.webp
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
Size 315 kB (314952 bytes)
Hash 3b8e198bcb49e9f50e9ce819c17a3fc2
57f92203bcd38681c9f29a3c8144772da9af6cd8
c9d97fd45f9dbc62f156b9978de96624220339379ea18973257993013dd46e95
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/04/imagem-fachada.webp HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 22 Apr 2022 11:45:18 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-type: image/webp
date: Tue, 20 Sep 2022 20:53:31 GMT
server: Umbler
X-Firefox-Spdy: h2
i1.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/07/oito-favicon_Prancheta-1.png
192.0.77.2200 OK 6.0 kB URL HTTP/2 i1.wp.com/oitocreditoimobiliario.com.br/wp-content/uploads/2020/07/oito-favicon_Prancheta-1.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f5acf897c1775abee5b9930002648d59
a02b409d6da1a28a4be43fb84a49570838aad284
e208b23cd8bec703379d1abe83537d9a92b3941e8fe4c914d15b7c4c90c4169d
GET /oitocreditoimobiliario.com.br/wp-content/uploads/2020/07/oito-favicon_Prancheta-1.png HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:33 GMT
content-type: image/webp
content-length: 6044
last-modified: Tue, 20 Sep 2022 20:53:33 GMT
expires: Fri, 20 Sep 2024 08:53:33 GMT
cache-control: public, max-age=63115200
link: <http://oitocreditoimobiliario.com.br/wp-content/uploads/2020/07/oito-favicon_Prancheta-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "2a9fa608f374dde0"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 20:44:23 GMT
expires: Tue, 20 Sep 2022 20:59:23 GMT
cache-control: public, max-age=900
age: 550
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 20 Sep 2022 20:53:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 20 Sep 2022 20:53:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 424f52fed80fd914f279d672c31cc90d
04367287fa0732243844e2ae7b235f57201d1320
db570c6da684d7843e6e1d293440bd18ae0516a94d2c946a38d5a032d74b668e
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 20 Sep 2022 20:53:34 GMT
server: ESF
cache-control: private
content-length: 30906
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36110)
Hash d348ea7c67cf70cc27add8ec15920c5f
46b2db74425f5c6c10c69831277b83c76c8c24b8
e9198b139add4e4683e04549366c63b57000c4e9d719c0e5820124d63d0fccff
GET /js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:09:26 GMT
expires: Thu, 14 Sep 2023 05:09:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
age: 575048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/T-56rhvUgRk/maxresdefault.webp
142.250.74.150200 OK 88 kB URL HTTP/2 i.ytimg.com/vi_webp/T-56rhvUgRk/maxresdefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3f949d0bf04e6ff2b5bb7ebcbd6e466
cd5d6a0160d43470b400c855f7c57e7b7e985898
946dc7f8c81c90c1dea6aa4f920c6d370c65f626cdb01fadc033ce4afa885024
GET /vi_webp/T-56rhvUgRk/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 88010
date: Tue, 20 Sep 2022 20:53:34 GMT
expires: Tue, 20 Sep 2022 22:53:34 GMT
cache-control: public, max-age=7200
etag: "1631649673"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 20 Sep 2022 20:53:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 87338360055aeda22d3fb5ce830fbd2f
6821ad7f55d4ae8b5e8ea19cfc194d7d653e97f9
13115d68791133cf30b710abf67706a0b257df2738f3e9a12372b04acbb5dedd
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1208
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 20 Sep 2022 20:53:34 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash acd88936cf1da19211f818148fd2eea1
93f86a75e6c1a2b0caf138a54aa22a87c395abb3
1b8bdbbd226fb3db2197bc7c1425049bbd9c15ce63dd9c92168f5cfe6aca3459
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash acd88936cf1da19211f818148fd2eea1
93f86a75e6c1a2b0caf138a54aa22a87c395abb3
1b8bdbbd226fb3db2197bc7c1425049bbd9c15ce63dd9c92168f5cfe6aca3459
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&mh=PQ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&mt=1663705853&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgVgy7dYtcs9-_oqxN4id2UuI6iYgcDEDqLMnx-WkcWa4CIQDyXpdHU6IPwzUJSqx7J7L37hOy5rPEJNoeaZHD7lapeQ%3D%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&range=0-65916&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&mh=PQ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&mt=1663705853&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgVgy7dYtcs9-_oqxN4id2UuI6iYgcDEDqLMnx-WkcWa4CIQDyXpdHU6IPwzUJSqx7J7L37hOy5rPEJNoeaZHD7lapeQ%3D%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&range=0-65916&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1049), with no line terminators
Hash 323446e038e23215ece8ff7cfe2aae55
2ea26d444f13860d013b1b2365a1c9944841ea26
55d61c40750b5f460cf888793369f72ae596da1b2e2365a6062cb0f7d56b5b8c
GET /videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&mh=PQ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&mt=1663705853&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgVgy7dYtcs9-_oqxN4id2UuI6iYgcDEDqLMnx-WkcWa4CIQDyXpdHU6IPwzUJSqx7J7L37hOy5rPEJNoeaZHD7lapeQ%3D%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&range=0-65916&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 20 Sep 2022 20:53:34 GMT
Expires: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1049
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=PQ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=video%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&otf=1&otfp=1&dur=0.000&lmt=1598361563134589&mt=1663705853&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcE60dp8J2XaeZu5wW7tIaHlan_HrXIaULJfUTffIyO4CIE_I1SY6EgqSWK11m0Jhfad4iqVwoQWQOzavedTTjSq7&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgVgy7dYtcs9-_oqxN4id2UuI6iYgcDEDqLMnx-WkcWa4CIQDyXpdHU6IPwzUJSqx7J7L37hOy5rPEJNoeaZHD7lapeQ%3D%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=PQ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=video%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&otf=1&otfp=1&dur=0.000&lmt=1598361563134589&mt=1663705853&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcE60dp8J2XaeZu5wW7tIaHlan_HrXIaULJfUTffIyO4CIE_I1SY6EgqSWK11m0Jhfad4iqVwoQWQOzavedTTjSq7&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgVgy7dYtcs9-_oqxN4id2UuI6iYgcDEDqLMnx-WkcWa4CIQDyXpdHU6IPwzUJSqx7J7L37hOy5rPEJNoeaZHD7lapeQ%3D%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1079), with no line terminators
Hash 8d33be1da0746a30e0a72d12b24493c4
7df7ddc45a138c3bcec97774cdf12210d3cf78f4
306489725f6dbaaffd4deb5f899c74c14b6e25a7a5a1e6c10ee6bb4ccebe2d15
GET /videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=PQ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=video%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&otf=1&otfp=1&dur=0.000&lmt=1598361563134589&mt=1663705853&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcE60dp8J2XaeZu5wW7tIaHlan_HrXIaULJfUTffIyO4CIE_I1SY6EgqSWK11m0Jhfad4iqVwoQWQOzavedTTjSq7&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgVgy7dYtcs9-_oqxN4id2UuI6iYgcDEDqLMnx-WkcWa4CIQDyXpdHU6IPwzUJSqx7J7L37hOy5rPEJNoeaZHD7lapeQ%3D%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 20 Sep 2022 20:53:34 GMT
Expires: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1079
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash acd88936cf1da19211f818148fd2eea1
93f86a75e6c1a2b0caf138a54aa22a87c395abb3
1b8bdbbd226fb3db2197bc7c1425049bbd9c15ce63dd9c92168f5cfe6aca3459
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/vaXD7kxLrSbj6_xIRn4yec5mYSMgdhcONBQX0XeLW2Kg4W5ZdO0Al3nC5ABQ2y-N3lHozVcP=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.7 kB URL HTTP/2 yt3.ggpht.com/vaXD7kxLrSbj6_xIRn4yec5mYSMgdhcONBQX0XeLW2Kg4W5ZdO0Al3nC5ABQ2y-N3lHozVcP=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash c5cf95e998bb9644862d873b01cc63bd
4718e6681e8f0d2c418b857cf710e81c62a5db4a
fb08d8852240e53d566a2a9443064299ce46afc2635c989d4b00ad076dea7549
GET /vaXD7kxLrSbj6_xIRn4yec5mYSMgdhcONBQX0XeLW2Kg4W5ZdO0Al3nC5ABQ2y-N3lHozVcP=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 21 Sep 2022 20:53:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 20 Sep 2022 20:53:34 GMT
server: fife
content-length: 1727
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 518633d1dac16539b3661b4a8f6c71df
30916f3e8d20afae54ebb7b8b775e4766861bf0e
cae6bd8337be7692912b529b12d2cabd6b7d5189199921fde4d60f5a836e4400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 518633d1dac16539b3661b4a8f6c71df
30916f3e8d20afae54ebb7b8b775e4766861bf0e
cae6bd8337be7692912b529b12d2cabd6b7d5189199921fde4d60f5a836e4400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=PQ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1663706319&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAIn2ll_sdIY7UKBUlMjxsrzDSkfaEF8pcXKDYp10Vg_CAiEA5OOZSQ1zIgw8VEbWvDMQG9xzpI2LtQQ-_GO3caVxuwM%3D&range=0-65916&rn=3&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
74.125.108.233200 OK 1.2 kB URL HTTP/1.1 rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=PQ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1663706319&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAIn2ll_sdIY7UKBUlMjxsrzDSkfaEF8pcXKDYp10Vg_CAiEA5OOZSQ1zIgw8VEbWvDMQG9xzpI2LtQQ-_GO3caVxuwM%3D&range=0-65916&rn=3&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
IP 74.125.108.233:0
File type ASCII text, with very long lines (1203), with no line terminators
Hash 4f92e5aeedcbd2d9a7d57d817c07ca82
5f1179ecf88fede93c40129b3435c1063687d43e
97149931a3dbca5c54549dc0fbdefe7f1ac3be45490321cdf6c8ce4645ecb240
GET /videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=PQ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1663706319&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAIn2ll_sdIY7UKBUlMjxsrzDSkfaEF8pcXKDYp10Vg_CAiEA5OOZSQ1zIgw8VEbWvDMQG9xzpI2LtQQ-_GO3caVxuwM%3D&range=0-65916&rn=3&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 20 Sep 2022 20:53:34 GMT
Expires: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1203
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=video%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&otf=1&otfp=1&dur=0.000&lmt=1598361563134589&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcE60dp8J2XaeZu5wW7tIaHlan_HrXIaULJfUTffIyO4CIE_I1SY6EgqSWK11m0Jhfad4iqVwoQWQOzavedTTjSq7&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=PQ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1663706319&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYBCKWEOsCr-Mq6jaZ3RBxuAKFeUAAAlXrtibrDQJsMYCIQCOIiQOGcYYdKeHpATZnqN07kCvxvKx5syHFrqLt8UIRA%3D%3D&sq=0&rn=4&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
74.125.108.233200 OK 1.2 kB URL HTTP/1.1 rr4---sn-5goeenes.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=video%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&otf=1&otfp=1&dur=0.000&lmt=1598361563134589&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcE60dp8J2XaeZu5wW7tIaHlan_HrXIaULJfUTffIyO4CIE_I1SY6EgqSWK11m0Jhfad4iqVwoQWQOzavedTTjSq7&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=PQ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1663706319&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYBCKWEOsCr-Mq6jaZ3RBxuAKFeUAAAlXrtibrDQJsMYCIQCOIiQOGcYYdKeHpATZnqN07kCvxvKx5syHFrqLt8UIRA%3D%3D&sq=0&rn=4&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
IP 74.125.108.233:0
File type ASCII text, with very long lines (1232), with no line terminators
Hash 3b533dda35c48500bd4ddbe596e17e6e
c4e58038482ac6f17e613d50f1f62973e3845c6a
2144071dabe9f8805a849668c97ca140f7017fd0031a5d995e0c9b4dcd03590c
GET /videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=video%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&otf=1&otfp=1&dur=0.000&lmt=1598361563134589&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgcE60dp8J2XaeZu5wW7tIaHlan_HrXIaULJfUTffIyO4CIE_I1SY6EgqSWK11m0Jhfad4iqVwoQWQOzavedTTjSq7&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=PQ&mm=29&mn=sn-5goeenes&ms=rdu&mt=1663706319&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYBCKWEOsCr-Mq6jaZ3RBxuAKFeUAAAlXrtibrDQJsMYCIQCOIiQOGcYYdKeHpATZnqN07kCvxvKx5syHFrqLt8UIRA%3D%3D&sq=0&rn=4&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E= HTTP/1.1
Host: rr4---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 20 Sep 2022 20:53:34 GMT
Expires: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1232
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 518633d1dac16539b3661b4a8f6c71df
30916f3e8d20afae54ebb7b8b775e4766861bf0e
cae6bd8337be7692912b529b12d2cabd6b7d5189199921fde4d60f5a836e4400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a6c4141-897e-4893-81f2-a7382686ab37.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a6c4141-897e-4893-81f2-a7382686ab37.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4653898fc83ae1b62d9b975658cc7fe9
adc6def18885ff49efd6b61c47d4b36eaca057b4
642a2e27f6635db0f9670cce2cba91f24f881db8f19d3f9b00e439f746fbc225
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a6c4141-897e-4893-81f2-a7382686ab37.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6961
x-amzn-requestid: 3177a5d3-6be5-426f-84ff-c044443c8627
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugHuHGZoAMFuwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e097-00d08a4e1c0ebd3f62716843;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:19 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZhlvXBUWGzI9AKQjOoiH2MvD5KKOsGq7HeP3mN82Sgs1-Dv7dPQHSQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:46:48 GMT
age: 83206
etag: "adc6def18885ff49efd6b61c47d4b36eaca057b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 284377d2626334ce93264429c3927c92
44f846a651ae20714276577ed368bb508a5f512a
bacee6c413939af4238a23b1517a44d587f8bb3256aa43df77ec0ae7c4107944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 284377d2626334ce93264429c3927c92
44f846a651ae20714276577ed368bb508a5f512a
bacee6c413939af4238a23b1517a44d587f8bb3256aa43df77ec0ae7c4107944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7l,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=PQ&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663706492&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMa0vLZ_DgubFOD38BriOYVW1_mK-mY4JHIZDThoV3nkCIQDY8PtD7dw4fghA9K55qxHryjjB0NVHbF7FeUEzHAdODw%3D%3D&range=0-65916&rn=5&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
74.125.100.199200 OK 66 kB URL HTTP/1.1 rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7l,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=PQ&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663706492&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMa0vLZ_DgubFOD38BriOYVW1_mK-mY4JHIZDThoV3nkCIQDY8PtD7dw4fghA9K55qxHryjjB0NVHbF7FeUEzHAdODw%3D%3D&range=0-65916&rn=5&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
IP 74.125.100.199:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 41da2ff6b753e750a5fbe8354acc37bb
1292c655d89dd09e7afa031c26c5e9a44ccbfde6
e03947804af07db5af37bf17c59406eca40e0c7e5f2e4ed85604b79a3f169758
GET /videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7l,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=PQ&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663706492&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMa0vLZ_DgubFOD38BriOYVW1_mK-mY4JHIZDThoV3nkCIQDY8PtD7dw4fghA9K55qxHryjjB0NVHbF7FeUEzHAdODw%3D%3D&range=0-65916&rn=5&rbuf=0&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E= HTTP/1.1
Host: rr2---sn-5hne6nz6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 25 Aug 2020 12:04:26 GMT
Content-Type: audio/webm
Date: Tue, 20 Sep 2022 20:53:34 GMT
Expires: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65917
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 284377d2626334ce93264429c3927c92
44f846a651ae20714276577ed368bb508a5f512a
bacee6c413939af4238a23b1517a44d587f8bb3256aa43df77ec0ae7c4107944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7l,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=PQ&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663706492&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMa0vLZ_DgubFOD38BriOYVW1_mK-mY4JHIZDThoV3nkCIQDY8PtD7dw4fghA9K55qxHryjjB0NVHbF7FeUEzHAdODw%3D%3D&range=65917-131452&rn=8&rbuf=4767&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
74.125.100.199200 OK 66 kB URL HTTP/1.1 rr2---sn-5hne6nz6.googlevideo.com/videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7l,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=PQ&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663706492&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMa0vLZ_DgubFOD38BriOYVW1_mK-mY4JHIZDThoV3nkCIQDY8PtD7dw4fghA9K55qxHryjjB0NVHbF7FeUEzHAdODw%3D%3D&range=65917-131452&rn=8&rbuf=4767&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E=
IP 74.125.100.199:0
Hash fb1f5456b63da7ae5d1b6f69e55758fa
6e5beaed99c52b255e1b5b977f62c0e208513d44
95a3377b33794d11999fbbbce514b3d6ef43402fdce478c5e3c8183db57aaecf
GET /videoplayback?expire=1663728814&ei=TigqY-nyBIm_yQW5yr3YAQ&ip=91.90.42.154&id=o-ACmus41GEfOnLrtahmqR8RZZwAD3cunHTw5PjGSFjRDp&itag=251&source=youtube&requiressl=yes&spc=yR2vp6pfTYc2Xnm8HOHdq_64yEsl1lQ&vprv=1&mime=audio%2Fwebm&ns=yz0zQrpC1I3Z8rk3taTWCT0I&gir=yes&clen=825320&otfp=1&dur=60.081&lmt=1598357066675781&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211222&n=gJTScewad94W2Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOrTbfXKJWePjgYVtK6eVPA8wXmz7obvAUXOh_gz8CZcAiEA5TLoRS58sQ-i_O8l8Zwx9-ZDrpqChAc--QnYA1QJwCg%3D&alr=yes&cpn=Jlixw1YiHwOyxI_8&cver=1.20220918.00.00&cm2rm=sn-capm-vnae7l,sn-5goly7z&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=PQ&mm=34&mn=sn-5hne6nz6&ms=ltu&mt=1663706492&mv=u&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgMa0vLZ_DgubFOD38BriOYVW1_mK-mY4JHIZDThoV3nkCIQDY8PtD7dw4fghA9K55qxHryjjB0NVHbF7FeUEzHAdODw%3D%3D&range=65917-131452&rn=8&rbuf=4767&pot=D-Hv7pR6Shb-4dcJUfh7wA9G26FgSecXWdugz11R6YI25zfnqTylAJjowdKgxeTMqKyCn_rwoV0CHjFHOAW6eS4b5hDKR9JQIunlUncM1nEQawfZ7r784urg9zUWn6tczMZvR0E= HTTP/1.1
Host: rr2---sn-5hne6nz6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 25 Aug 2020 12:04:26 GMT
Content-Type: audio/webm
Date: Tue, 20 Sep 2022 20:53:34 GMT
Expires: Tue, 20 Sep 2022 20:53:34 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65536
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/mo8rtdfx/2pe7x.css
177.55.121.37200 OK 0 B URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/cache/wpfc-minified/mo8rtdfx/2pe7x.css
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
GET /wp-content/cache/wpfc-minified/mo8rtdfx/2pe7x.css HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 10 May 2022 13:07:11 GMT
accept-ranges: none
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 20 Sep 2022 20:53:30 GMT
server: Umbler
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Merriweather%3A1%2C400%2C400italic%2C500%2C700%2C700italic%2C800%2C900&ver=5.9.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Merriweather%3A1%2C400%2C400italic%2C500%2C700%2C700italic%2C800%2C900&ver=5.9.3
IP 142.250.74.10:0
GET /css?family=Merriweather%3A1%2C400%2C400italic%2C500%2C700%2C700italic%2C800%2C900&ver=5.9.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 20:53:30 GMT
date: Tue, 20 Sep 2022 20:53:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/5.9.3/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/core.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/core.min.js
IP 192.0.77.37:0
GET /c/5.9.3/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/Home-Capa-OPT_1_.webp
177.55.121.37200 OK 0 B URL HTTP/2 oitocreditoimobiliario.com.br/wp-content/uploads/2022/03/Home-Capa-OPT_1_.webp
IP 177.55.121.37:0
ASN #53057 RedeHost Internet Ltda.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/03/Home-Capa-OPT_1_.webp HTTP/1.1
Host: oitocreditoimobiliario.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Mar 2022 23:06:21 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
content-type: image/webp
date: Tue, 20 Sep 2022 20:53:31 GMT
server: Umbler
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/mouse.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/mouse.min.js
IP 192.0.77.37:0
GET /c/5.9.3/wp-includes/js/jquery/ui/mouse.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/accordion.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/jquery/ui/accordion.min.js
IP 192.0.77.37:0
GET /c/5.9.3/wp-includes/js/jquery/ui/accordion.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 03 Feb 2022 00:04:02 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/wp-polyfill.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 192.0.77.37:0
GET /c/5.9.3/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:53:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
content-encoding: br
expires: Wed, 20 Sep 2023 20:53:30 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
plugin-oito.azul.dev/bundle.css?ver=1.0.8
54.230.111.24200 OK 0 B URL HTTP/2 plugin-oito.azul.dev/bundle.css?ver=1.0.8
IP 54.230.111.24:0
GET /bundle.css?ver=1.0.8 HTTP/1.1
Host: plugin-oito.azul.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 06 Jun 2022 13:43:56 GMT
x-amz-version-id: wL8uP4x7rh8IoFZMhtVkggTnOfgW25CW
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Sep 2022 20:53:32 GMT
etag: W/"41ecff202e9b5fe8ae58daa372c6d42c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: utRPBVeV4udaX_a29qyP8CLt4BtGz3HjbY-nx-3dnWE4Stipvt3nJg==
X-Firefox-Spdy: h2
plugin-oito.azul.dev/bundle.js?ver=1.0.8
54.230.111.24200 OK 0 B URL HTTP/2 plugin-oito.azul.dev/bundle.js?ver=1.0.8
IP 54.230.111.24:0
GET /bundle.js?ver=1.0.8 HTTP/1.1
Host: plugin-oito.azul.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oitocreditoimobiliario.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 26 Jul 2021 01:10:56 GMT
x-amz-version-id: XMVsLGHcID1CzZGkk8HA9KVYAxvkyYDH
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Sep 2022 20:53:32 GMT
cache-control: max-age=0
etag: W/"da13afc725c00e5420f1617295746b1f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xgwH_FU2-PCk-0DX5DDfRzZkRFGBpQy0Nk013MaCj9lpRDHh8jHqPQ==
X-Firefox-Spdy: h2