popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
109.106.248.113 301 Moved Permanently 707 B URL HTTP/1.1 popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 03 Dec 2022 17:16:13 GMT
server: LiteSpeed
location: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11878
Expires: Sat, 03 Dec 2022 20:34:11 GMT
Date: Sat, 03 Dec 2022 17:16:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2106
Cache-Control: max-age=150605
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:13 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:06:18 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18003
Expires: Sat, 03 Dec 2022 22:16:16 GMT
Date: Sat, 03 Dec 2022 17:16:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 16:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3373
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HwAlQhEfkTc6iAIvx7W0YHxzzqGwluEuup5rBznd/ySfYKM5Akt7j5BgLr6BXELuXX8W8GQms64=
x-amz-request-id: PW6JJ96VCWHWYX6F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 16:47:11 GMT
age: 1742
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 17:16:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 17:11:17 GMT
cache-control: public,max-age=3600
age: 296
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2048
Cache-Control: max-age=145485
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:40:59 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
100.20.30.105 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2iyd74tQPT4eseW/f2ZkQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cod/CqJl+S7xaCUbMNKu3KTHjPA=
sdki.truepush.com/sdk/v2.0.3/app.js
54.230.111.87 200 OK 581 B URL HTTP/2 sdki.truepush.com/sdk/v2.0.3/app.js
IP 54.230.111.87:0
File type ASCII text, with very long lines (1126), with no line terminators
Hash b861f6349fdb27190bd25dbfcd7674ff
3e00796d2d9c0a6ed48b6e56be4a275638fd2475
edbc02cb9ed8322c050d67e1af9bd5fef42dd3c4151a65a9c3b6ee761b1c79dc
GET /sdk/v2.0.3/app.js HTTP/1.1
Host: sdki.truepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 581
date: Fri, 25 Nov 2022 12:48:30 GMT
last-modified: Mon, 07 Dec 2020 12:54:29 GMT
etag: "b861f6349fdb27190bd25dbfcd7674ff"
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fz4mz4t4UOdMs-Sy2_te8-GWJhbk-bQ9kP3H-Z8HgHlG1-41l33XlA==
age: 707265
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 21b30398f43dc3a6d6bf992ac729de24
0f76c86a8e827fa9726722dc85ba13c2f6b4b5e1
300bdf64d0fd5bfed2cbfacdf4e5c64cc8714bf96580f7b57b7820e766a726dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: max-age=112036
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Etag: "638a8674-117"
Expires: Mon, 05 Dec 2022 00:23:30 GMT
Last-Modified: Fri, 02 Dec 2022 23:12:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 21b30398f43dc3a6d6bf992ac729de24
0f76c86a8e827fa9726722dc85ba13c2f6b4b5e1
300bdf64d0fd5bfed2cbfacdf4e5c64cc8714bf96580f7b57b7820e766a726dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: max-age=112036
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Etag: "638a8674-117"
Expires: Mon, 05 Dec 2022 00:23:30 GMT
Last-Modified: Fri, 02 Dec 2022 23:12:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
popa.com.br/wp-content/plugins/truepush-free-web-push-notifications/views/css/truepush-menu-styles.css?ver=1.0.7
109.106.248.113 200 OK 327 B URL HTTP/2 popa.com.br/wp-content/plugins/truepush-free-web-push-notifications/views/css/truepush-menu-styles.css?ver=1.0.7
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
Hash 6769af90d8f1eda8581760ead6e76379
c80c82ea9180a87ae6e75a9b682b854271ac03f3
4600556cf7616fc5d33707c2719bdf450df4b50e784c8b577a2ecf2e0c88a779
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/truepush-free-web-push-notifications/views/css/truepush-menu-styles.css?ver=1.0.7 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Sun, 20 Nov 2022 23:29:41 GMT
etag: "451-637ab865-814bc0758b6ab53b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 327
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
109.106.248.113 200 OK 11 kB URL HTTP/2 popa.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (47826)
Hash ba5eac37229008eef8a48bb9c12da241
95a3100a0d65a7bd0ebeba66a7ef01146cf96a24
60a4012feb8a3fb3b7f5d411ee9241e12c9ef0e5b33f249aea1b1ad103a71c0f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 00:25:26 GMT
etag: "172a9-637ac576-f7aed5352e524331;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11353
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-53155910-2
172.217.21.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-53155910-2
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash cb384473ff88cbab60f9e7bdbc9da5af
50914abb3e4ab9c310852ae80c761a3ce7409ad3
b13edbab31ba52303e2d5e68e4a74e95826fe6d46f9cee7c68e4a7fd12e87abf
GET /gtag/js?id=UA-53155910-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 17:16:14 GMT
expires: Sat, 03 Dec 2022 17:16:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44746
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
popa.com.br/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=3.0.7
109.106.248.113 200 OK 6.5 kB URL HTTP/2 popa.com.br/wp-content/plugins/jet-engine/assets/css/frontend.css?ver=3.0.7
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (53318)
Hash 74af6d1d56bd81e53e8e0f10efd6fa58
5ea518c96162160c866960feae528927419e9390
2d7554e6557dc81ade3bc149e060fdbe710ec36030ad6c2ac08f077350204e85
GET /wp-content/plugins/jet-engine/assets/css/frontend.css?ver=3.0.7 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 14:17:45 GMT
etag: "d047-6380ce89-f63650a686653bd7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6504
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-includes/css/classic-themes.min.css?ver=1
109.106.248.113 200 OK 217 B URL HTTP/2 popa.com.br/wp-includes/css/classic-themes.min.css?ver=1
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 00:25:26 GMT
etag: "d9-637ac576-a9687cc7089ed050;;;"
accept-ranges: bytes
content-length: 217
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.6.1
109.106.248.113 200 OK 208 B URL HTTP/2 popa.com.br/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.6.1
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
Hash 9cd715795053d1f2a32e45ec0b29acd1
9aac36872ad64358be25cd963806e6d0d9dc0194
592f0c95cef072b3f05ed2a826ba3bfbea8c1c6eef185a0a07c2f7979dfd96c1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.6.1 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Fri, 21 Oct 2022 00:45:31 GMT
etag: "2cb-6351ebab-d03dc198bd3d9499;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 208
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/extension.min.css?ver=7.0.10
109.106.248.113 200 OK 3.4 kB URL HTTP/2 popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/extension.min.css?ver=7.0.10
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (14241)
Hash 92d3915878099649e72b36c56ec3fb3e
ecdb9f8439fa7b4c080ba7f39730be402b4a99c8
c10b8ecbda828cac8f7bc2c59cb5ad4529e16b20fb65b67459b578ae9c796637
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/extension.min.css?ver=7.0.10 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 14:18:14 GMT
etag: "47a3-6380cea6-6e284767d2f53538;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3400
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/font-awesome-5.min.css?ver=7.0.10
109.106.248.113 200 OK 11 kB URL HTTP/2 popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/font-awesome-5.min.css?ver=7.0.10
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (53839), with no line terminators
Hash 9f276b63d2a286b365305c69753f2ff4
67eb666562168a0e6526edc093085a3bcf17ae2c
fcfe95bc1b493c949a14d8870f96c485da2df58e7f16998872dcd2743d162681
GET /wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/font-awesome-5.min.css?ver=7.0.10 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 14:18:14 GMT
etag: "d24f-6380cea6-58d47d301589a628;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11182
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/woocommerce-sales-funnels.min.css?ver=7.0.10
109.106.248.113 200 OK 68 B URL HTTP/2 popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/woocommerce-sales-funnels.min.css?ver=7.0.10
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with no line terminators
Hash 89f459e78ff78d9a47670d502f675d2e
f743749dc78b0b8604e1dd12245818297115381d
e9b5916bb32211e309bc6347c155e2a069b19717d81dcdecfabdcd993a4898f0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/piotnet-addons-for-elementor-pro/assets/css/minify/woocommerce-sales-funnels.min.css?ver=7.0.10 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 14:18:14 GMT
etag: "44-6380cea6-17ebff60e6aaeb48;;;"
accept-ranges: bytes
content-length: 68
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/td-multi-purpose/style.css?ver=6.1.1
109.106.248.113 200 OK 8.3 kB URL HTTP/2 popa.com.br/wp-content/plugins/td-multi-purpose/style.css?ver=6.1.1
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash a9cc4e7de8bab5cd496ace24e93c85dd
ef6b1ee2b639d30359943bd4d9bc3f8832ee5114
ba87b65242304f8d1056228b22afcc5a661699ca62394f00cf2d2f792b8b3bb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/td-multi-purpose/style.css?ver=6.1.1 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Sat, 24 Apr 2021 11:21:43 GMT
etag: "10e60-6083ff47-a36b0049a6b8144b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8327
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
static.mailerlite.com/js/w/webforms.min.js?v5c5d99c28cfe49b41fe82455507d7558
104.18.12.69 200 OK 3.3 kB URL HTTP/2 static.mailerlite.com/js/w/webforms.min.js?v5c5d99c28cfe49b41fe82455507d7558
IP 104.18.12.69:0
File type ASCII text, with very long lines (9930), with no line terminators
Hash 7301baeee8a99ad98693192aa973a2ab
34c868454d05d01f905187244a42c70cb0735e61
61c6b2517e97fc2636833d8fe9b837080bb5790612997e9afd4a93845dd7108b
GET /js/w/webforms.min.js?v5c5d99c28cfe49b41fe82455507d7558 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:14 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 09:35:16 GMT
vary: Accept-Encoding
etag: W/"63887554-26ca"
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
age: 7010
expires: Thu, 08 Dec 2022 17:16:14 GMT
cache-control: public, max-age=432000
server: cloudflare
cf-ray: 773df2ee3dd9b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
142.250.74.106 200 OK 47 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
IP 142.250.74.106:0
Hash e3a92314cd0c209961dbf6ebb278f337
f301430478922c399d6c83b71eb6627b7a742d5e
b13b743cb638c0ae7b407d32b69ce0a86c2dffea61847d2bd68d9651637789a1
GET /css?family=Open+Sans:400,400italic,700,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 17:16:14 GMT
date: Sat, 03 Dec 2022 17:16:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
popa.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
109.106.248.113 200 OK 30 kB URL HTTP/2 popa.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (65447)
Hash cdbbc979b5a5de31a3ac8296e0ef489e
b83000eb74956c3404fb58c87e95aed5bab2ed19
48a6489945365cddb4c75af60f1e6a8a15d6598a1596ef18eb1b4aaad33e96f3
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: application/x-javascript
last-modified: Mon, 21 Nov 2022 00:25:28 GMT
etag: "15e54-637ac578-5df94b2e65e1f71b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30075
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
109.106.248.113 200 OK 4.0 kB URL HTTP/2 popa.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (11126)
Hash 4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: application/x-javascript
last-modified: Sat, 24 Apr 2021 11:16:04 GMT
etag: "2bd8-6083fdf4-99c2c6b9be904842;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/js/minify/woocommerce-sales-funnels.min.js?ver=7.0.10
109.106.248.113 200 OK 1.7 kB URL HTTP/2 popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/js/minify/woocommerce-sales-funnels.min.js?ver=7.0.10
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (6259), with no line terminators
Hash aefe69a043da0b24b719898f95a245f2
a4b0515350d13adef03d2999ca762f843964d07a
af061c2b0f8d02c7a24b645fbe610b05a3f19f13c3543a0d2be5671b6a91531c
GET /wp-content/plugins/piotnet-addons-for-elementor-pro/assets/js/minify/woocommerce-sales-funnels.min.js?ver=7.0.10 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 14:18:14 GMT
etag: "1873-6380cea6-26cc218b46aaec92;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1693
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
109.106.248.113 200 OK 4.6 kB URL HTTP/2 popa.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (15660)
Hash 4402e98c197d70e9bc78b1da062e658a
b1d2477c6b1dfa9283d79a0a3944098dde573f68
4e646c55a8c057d08458aed4f913f5ae713e1351aadc0bcdf947bc48fb6a73ed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: application/x-javascript
last-modified: Tue, 28 Jun 2022 22:17:37 GMT
etag: "48b9-62bb7e01-5b6e414d27d6c5e6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4572
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2022/01/log_popa-241-px-%C3%97-90-px.png
109.106.248.113 200 OK 8.1 kB URL HTTP/2 popa.com.br/wp-content/uploads/2022/01/log_popa-241-px-%C3%97-90-px.png
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image\012- data
Hash be6edecf4c540165066eeff83eb3f520
63e323542ff2bc9650471cbdb68ef0ebc65b4438
54dbc534fc92c4793a0e59bbf0a71e2d8a2fd582cf5a4f83ad64f21512e2c923
GET /wp-content/uploads/2022/01/log_popa-241-px-%C3%97-90-px.png HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Sat, 29 Jan 2022 12:48:48 GMT
etag: "1f80-61f537b0-90adc0f71685bfb4;;;"
accept-ranges: bytes
content-length: 8064
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/js/minify/extension.min.js?ver=7.0.10
109.106.248.113 200 OK 22 kB URL HTTP/2 popa.com.br/wp-content/plugins/piotnet-addons-for-elementor-pro/assets/js/minify/extension.min.js?ver=7.0.10
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 2f4e16712863405deda26f25ebc5e69d
39ff543289b02ad1e3553a35c916563210a2785f
a7c2b5afd5bea82d551316971fec609479d76f3e1f584195b92a9d819b83feb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/piotnet-addons-for-elementor-pro/assets/js/minify/extension.min.js?ver=7.0.10 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: application/x-javascript
last-modified: Fri, 25 Nov 2022 14:18:14 GMT
etag: "1963a-6380cea6-73cbf70a1e0ca2d2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21667
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2021/01/FotoBB-1-218x150.jpeg
109.106.248.113 200 OK 7.4 kB URL HTTP/2 popa.com.br/wp-content/uploads/2021/01/FotoBB-1-218x150.jpeg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f960d8d1c339bc418b025f815db0616
ea7dd97d6c024c9d5adf5202bc697f35dab6cd5c
e4a0cf1e947a5f7de455564b2c0074e9f593624f8c04821e1e8cdc07763304a2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/01/FotoBB-1-218x150.jpeg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Fri, 28 Jan 2022 15:14:11 GMT
etag: "1d00-61f40843-25c348ca1a6b7a9c;;;"
accept-ranges: bytes
content-length: 7424
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2018/11/barcos-silhoetas-modificado-218x150.jpg
109.106.248.113 200 OK 2.8 kB URL HTTP/2 popa.com.br/wp-content/uploads/2018/11/barcos-silhoetas-modificado-218x150.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 61e3554eddd5e085db60ea76eb32651a
969e3849d3c7073ee63bfc8455258aa2a0bb6449
11e7132c688cb89e693d907c3291b225ab6692fd8ce57a1a25629d857f7b332d
GET /wp-content/uploads/2018/11/barcos-silhoetas-modificado-218x150.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Sun, 30 Jan 2022 13:14:57 GMT
etag: "ac2-61f68f51-a95a08d76ad8fc4d;;;"
accept-ranges: bytes
content-length: 2754
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2018/04/100_5320-218x150.jpg
109.106.248.113 200 OK 4.2 kB URL HTTP/2 popa.com.br/wp-content/uploads/2018/04/100_5320-218x150.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type JPEG image data, baseline, precision 8, 218x150, components 3\012- data
Hash dd20a6c17e58d46e13403b2671e9bc00
081b999a2560973107d55b8db77f87dab06b7c8e
ccac1b14078b268d51911651f4372e91f418528e05135a358cafe8f02388ad7b
GET /wp-content/uploads/2018/04/100_5320-218x150.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: image/jpeg
last-modified: Sun, 30 Jan 2022 15:40:11 GMT
etag: "1068-61f6b15b-7f771bc7e5d85e81;;;"
accept-ranges: bytes
content-length: 4200
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2018/04/IMG_0689-1-218x150.jpg
109.106.248.113 200 OK 5.4 kB URL HTTP/2 popa.com.br/wp-content/uploads/2018/04/IMG_0689-1-218x150.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type JPEG image data, baseline, precision 8, 218x150, components 3\012- data
Hash 8b0986245bede16fc66bbfbe50994f3b
7e782f7d3364c57fb26e299ca25e803f13532e9e
879f0b98008184fbd23270455e42d6baa7f67a71ed4acc332ebddf791495e5c7
GET /wp-content/uploads/2018/04/IMG_0689-1-218x150.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: image/jpeg
last-modified: Sun, 30 Jan 2022 15:47:34 GMT
etag: "1549-61f6b316-220a7114748f621b;;;"
accept-ranges: bytes
content-length: 5449
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2020/11/iStock-535069255-218x150.jpg
109.106.248.113 200 OK 7.1 kB URL HTTP/2 popa.com.br/wp-content/uploads/2020/11/iStock-535069255-218x150.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f35dbd2ea31cf794f447ab8cbfa587b8
b54d65d8f3673d75576c1b6d09fb0894f0e45ea4
a27f681bd3f1aad40d9096721b7cb82170bcfefb637403674ddd584746a39f71
GET /wp-content/uploads/2020/11/iStock-535069255-218x150.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Fri, 28 Jan 2022 15:16:50 GMT
etag: "1bde-61f408e2-5fb667d6910d1429;;;"
accept-ranges: bytes
content-length: 7134
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2020/10/Screen-Shot-2020-10-06-at-12.30.25-218x150.png
109.106.248.113 200 OK 4.0 kB URL HTTP/2 popa.com.br/wp-content/uploads/2020/10/Screen-Shot-2020-10-06-at-12.30.25-218x150.png
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c067a2f83747f273981a2553566c7ff0
61c06dea33131bedaecb740ad6c00cb5f652b19d
178f27e5b33ee3f2a6ac6f622c2b4d7f8a5fdb3f642138aa226becbfffecdbf2
GET /wp-content/uploads/2020/10/Screen-Shot-2020-10-06-at-12.30.25-218x150.png HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Fri, 28 Jan 2022 15:21:00 GMT
etag: "f88-61f409dc-973f69f0d9fd74e7;;;"
accept-ranges: bytes
content-length: 3976
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2020/05/Screenshot-at-May-21-13-01-48-218x150.png
109.106.248.113 200 OK 6.1 kB URL HTTP/2 popa.com.br/wp-content/uploads/2020/05/Screenshot-at-May-21-13-01-48-218x150.png
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dee4f0104911758117b24e9bd042ec99
990d0889f39ad9af7df465d3ab38ae614c9b94ea
a285dc58bf538e5d03c90d4f4bf5da983c2242ab2dd286723c7fb02f7293b035
GET /wp-content/uploads/2020/05/Screenshot-at-May-21-13-01-48-218x150.png HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Fri, 28 Jan 2022 15:32:11 GMT
etag: "17be-61f40c7b-86be589b15530a4e;;;"
accept-ranges: bytes
content-length: 6078
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2020/05/aurora-borealis-in-lofoten-islands-norway-218x150.jpg
109.106.248.113 200 OK 3.8 kB URL HTTP/2 popa.com.br/wp-content/uploads/2020/05/aurora-borealis-in-lofoten-islands-norway-218x150.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e4461ddf553f9836b24f5f38c73d9222
d0e74c6d2a9c5e117403b03f504566034ef6fa15
7bca9b36556b378dc0f3b628e79fcdc8f123a8910c9daa3791fbafc5075bf5a5
GET /wp-content/uploads/2020/05/aurora-borealis-in-lofoten-islands-norway-218x150.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Fri, 28 Jan 2022 15:30:55 GMT
etag: "eee-61f40c2f-e4b3b431806e784b;;;"
accept-ranges: bytes
content-length: 3822
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2019/03/PHOTO-2019-03-25-09-55-45-314x160.jpg
109.106.248.113 200 OK 3.4 kB URL HTTP/2 popa.com.br/wp-content/uploads/2019/03/PHOTO-2019-03-25-09-55-45-314x160.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 314x160, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 49ecbcef96db6c395e3d6c382ae61098
ab641e6bc1351307ad9758378776bf88f43201af
9406f87f7f959117e83ec3954898094f057ddf380428eb793b328ca700a2bf67
GET /wp-content/uploads/2019/03/PHOTO-2019-03-25-09-55-45-314x160.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Sun, 30 Jan 2022 12:54:29 GMT
etag: "d44-61f68a85-e14f124cf60f07d2;;;"
accept-ranges: bytes
content-length: 3396
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2022/12/Passageiro-morre-em-cruzeiro-atingido-por-onda-gigante-no-sul-324x160.jpg
109.106.248.113 200 OK 8.2 kB URL HTTP/2 popa.com.br/wp-content/uploads/2022/12/Passageiro-morre-em-cruzeiro-atingido-por-onda-gigante-no-sul-324x160.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 324x160, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b22c961c9e13dab898f5f59c43225f9c
2c9f56c7f38891969dd1196081ad5e517fe6f786
730cca7fb51392009d512e1e1964e766263d1e794c9b0a4d106dc534fc1c8ff9
GET /wp-content/uploads/2022/12/Passageiro-morre-em-cruzeiro-atingido-por-onda-gigante-no-sul-324x160.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Fri, 02 Dec 2022 03:13:52 GMT
etag: "200e-63896d70-ee7542373ddd125f;;;"
accept-ranges: bytes
content-length: 8206
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2022/11/Cargueiro-navegando-sob-neblina-320x160.jpg
109.106.248.113 200 OK 646 B URL HTTP/2 popa.com.br/wp-content/uploads/2022/11/Cargueiro-navegando-sob-neblina-320x160.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x160, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f1de9810e6a9cca2364b066017115ae
716bc169373e7a1fc3888dcefa2a65b96d30f557
c5357f4e68884597b19e247282cea137862daf23baf9e879c5ad2a11efe92fab
GET /wp-content/uploads/2022/11/Cargueiro-navegando-sob-neblina-320x160.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Sun, 27 Nov 2022 18:23:25 GMT
etag: "286-6383ab1d-8551772ab4e74851;;;"
accept-ranges: bytes
content-length: 646
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2022/11/Rio-Guaiba-em-nivel-bem-baixo-em-Porto-Alegre-RS-324x160.jpg
109.106.248.113 200 OK 4.8 kB URL HTTP/2 popa.com.br/wp-content/uploads/2022/11/Rio-Guaiba-em-nivel-bem-baixo-em-Porto-Alegre-RS-324x160.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0a2a3d73dbb6577ad0b32cd320b78fa6
68ba67293b723e889e8e2a438d43963d7a48e09d
984a44e31e32363cd03645a4aabd622c6f0229aea1d6a8e178561e2b1c148564
GET /wp-content/uploads/2022/11/Rio-Guaiba-em-nivel-bem-baixo-em-Porto-Alegre-RS-324x160.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Tue, 22 Nov 2022 21:44:02 GMT
etag: "12ce-637d42a2-c25402e096b18053;;;"
accept-ranges: bytes
content-length: 4814
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2022/11/Carta-do-leito-do-Oceano-Atlantico-E-um-mapa-do-324x160.jpg
109.106.248.113 200 OK 20 kB URL HTTP/2 popa.com.br/wp-content/uploads/2022/11/Carta-do-leito-do-Oceano-Atlantico-E-um-mapa-do-324x160.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 324x160, components 3\012- data
Hash bca0c79cdebb9d3b8e76e4fa824ca43a
02709502ea43551a895c412489333533e4712814
fc7b721b3b34940eb05fd506e84389f0ffed5ac833ebc7e26df911b712adbde5
GET /wp-content/uploads/2022/11/Carta-do-leito-do-Oceano-Atlantico-E-um-mapa-do-324x160.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: image/jpeg
last-modified: Sun, 20 Nov 2022 23:35:40 GMT
etag: "4f25-637ab9cc-1567be7be1563597;;;"
accept-ranges: bytes
content-length: 20261
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2022/11/A-Digital-Boating-Community-324x160.jpg
109.106.248.113 200 OK 10 kB URL HTTP/2 popa.com.br/wp-content/uploads/2022/11/A-Digital-Boating-Community-324x160.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 324x160, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e9ee1a05662ee54491398600101f454
7d14043cee995552f79475cdc0ce82405fac45eb
46b49134833c6f617d0f9e726afb325d0897166a8c4382a37f71db13110ad577
GET /wp-content/uploads/2022/11/A-Digital-Boating-Community-324x160.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Sun, 20 Nov 2022 23:33:42 GMT
etag: "282a-637ab956-70ae65101c03dbff;;;"
accept-ranges: bytes
content-length: 10282
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2022/11/Ponte-Rio-Niteroi-e-fechada-devido-a-batida-de-navio-a-324x160.jpg
109.106.248.113 200 OK 4.7 kB URL HTTP/2 popa.com.br/wp-content/uploads/2022/11/Ponte-Rio-Niteroi-e-fechada-devido-a-batida-de-navio-a-324x160.jpg
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 324x160, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6a93d15d91855786685f8e326fa17995
041081463ee5e37987935014bb9ed01ebe4d0347
e8d46b8cadf973c475c152cdb0c50e8031938396b72802a053d536546e6a0d5f
GET /wp-content/uploads/2022/11/Ponte-Rio-Niteroi-e-fechada-devido-a-batida-de-navio-a-324x160.jpg HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Sun, 20 Nov 2022 23:34:02 GMT
etag: "122e-637ab96a-ce024ad5e257c9cc;;;"
accept-ranges: bytes
content-length: 4654
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2018/04/logo_popa-720x340_transparente.png
109.106.248.113 200 OK 9.4 kB URL HTTP/2 popa.com.br/wp-content/uploads/2018/04/logo_popa-720x340_transparente.png
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image\012- data
Hash dfbef6fce638cafc129c1fe50ca19e36
2fe264a7d05392d8d774d1d23822615d83d6a625
7f1b49cf0ea65bfd14716e9b90ce1e199be5ff9e293cb59f83a846bbad53f5d4
GET /wp-content/uploads/2018/04/logo_popa-720x340_transparente.png HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Mon, 14 Feb 2022 17:06:02 GMT
etag: "24b6-620a8bfa-adaa5df97a5335d4;;;"
accept-ranges: bytes
content-length: 9398
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
popa.com.br/wp-content/uploads/2019/11/popa-1003x374-ps-1.png
109.106.248.113 200 OK 28 kB URL HTTP/2 popa.com.br/wp-content/uploads/2019/11/popa-1003x374-ps-1.png
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
File type RIFF (little-endian) data, Web/P image\012- data
Hash 51ccc9be6ae498ac5405dc3fb08c4c8c
6cdfb318f08fe86b4f520244bcbea56260c1b5c9
232fcffb3dac6855991c6354157a3d5be7ac70d51382686676851cd2bb533ff1
GET /wp-content/uploads/2019/11/popa-1003x374-ps-1.png HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
expires: Sun, 03 Dec 2023 17:16:14 GMT
content-type: image/webp
last-modified: Sun, 30 Jan 2022 11:49:43 GMT
etag: "6c36-61f67b57-2031dda9c0e56d00;;;"
accept-ranges: bytes
content-length: 27702
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
vary: Accept
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
104.18.12.69 200 OK 66 kB URL HTTP/2 static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
IP 104.18.12.69:0
File type ASCII text, with very long lines (32046)
Hash 81c9b9fc8d47e3f6d261943193e4a364
153012999cafce360f0a6b40118e240871fdae9f
c0650bf2084a4ac43c2d5950f75f519656e8a8b0aa2d8327b514e4b21ce6b79a
GET /js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:14 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 09:35:18 GMT
vary: Accept-Encoding
etag: W/"63887556-1153a"
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
age: 1324
expires: Thu, 08 Dec 2022 17:16:14 GMT
cache-control: public, max-age=432000
server: cloudflare
cf-ray: 773df2f0a8fbb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17336, version 1.0\012- data
Hash eec8dbfc49267c4d33cf31b49661bf37
0f49d4563cf9e22e3af6907d0785b9a6facadbf0
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:53:29 GMT
expires: Thu, 30 Nov 2023 19:53:29 GMT
cache-control: public, max-age=31536000
age: 249765
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.227 200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:56:13 GMT
expires: Tue, 28 Nov 2023 18:56:13 GMT
cache-control: public, max-age=31536000
age: 426001
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sdki.truepush.com/sdk/version.json
54.230.111.87 200 OK 176 B URL HTTP/2 sdki.truepush.com/sdk/version.json
IP 54.230.111.87:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 327739750637fd5a1dd49dd855637862
262da8e22f5386f687478704a58b5117ac3f70d0
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62
GET /sdk/version.json HTTP/1.1
Host: sdki.truepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 176
last-modified: Wed, 27 Jul 2022 05:36:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 23:07:24 GMT
cache-control: max-age=300
etag: "327739750637fd5a1dd49dd855637862"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iyTyIz2WAw-yxIHyPkxktza-SDGVKk8QWpOQMZWrFePGarOYH7HHJQ==
age: 2138933
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 250919
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 250938
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.mailerlite.com/js/universal.js?167008
104.18.12.69 200 OK 21 kB URL HTTP/2 static.mailerlite.com/js/universal.js?167008
IP 104.18.12.69:0
File type ASCII text, with very long lines (16459), with no line terminators
Hash 68be8495bddfc7eea6afe437a2218b7c
70122eb821ba0164087632fb9975ff1c059936d6
581021a78da74c550c10152394746d4f29a02d956aa0462aa392e928bd9342f8
GET /js/universal.js?167008 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:14 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 09:34:57 GMT
vary: Accept-Encoding
etag: W/"63887541-404b"
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
age: 6958
expires: Thu, 08 Dec 2022 17:16:14 GMT
cache-control: public, max-age=432000
server: cloudflare
cf-ray: 773df2f078cbb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:01:24 GMT
expires: Wed, 29 Nov 2023 07:01:24 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 382490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sdki.truepush.com/sdk/v2.0.3/main.js
54.230.111.87 200 OK 19 kB URL HTTP/2 sdki.truepush.com/sdk/v2.0.3/main.js
IP 54.230.111.87:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 5a2c3e761383ded1b599587640880805
cd90902ca3626e1cb7b00ef851c3b22b3e6baa42
d288cef9f1a993a91e5886c822a7c01d63435ffafcf8ec7237e48eea8a29e3dc
GET /sdk/v2.0.3/main.js HTTP/1.1
Host: sdki.truepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 18934
date: Tue, 08 Nov 2022 09:12:22 GMT
last-modified: Tue, 15 Feb 2022 10:44:09 GMT
etag: "5a2c3e761383ded1b599587640880805"
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PkW2_N-dwX1P454ZM4mYx1r3ovVLZ6vcE0Uhyle6E-mKKuzGIfEEIA==
age: 2189033
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chimpstatic.com/mcjs-connected/js/users/7697c7c71ddeaee09d4d82209/7b5adb9efef15c7c60c0edc74.js
96.6.17.210 200 OK 50 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/7697c7c71ddeaee09d4d82209/7b5adb9efef15c7c60c0edc74.js
IP 96.6.17.210:0
Hash 104d46a3208b40e8ded389332f5a78a3
4ab55ccb2972e9a3cb62c65c97308c2450a682bb
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
GET /mcjs-connected/js/users/7697c7c71ddeaee09d4d82209/7b5adb9efef15c7c60c0edc74.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: WuNNBHs0FMK/ph7kHSjslx4qyvd6/AXHCtvsxyZ15m6aw3HlgIobiN3Co4ts4Aquo9MCfmkALrA=
x-amz-request-id: JJ642RJBQJD26HE8
Last-Modified: Fri, 04 Oct 2019 23:27:32 GMT
ETag: "104d46a3208b40e8ded389332f5a78a3"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 50
X-EdgeConnect-MidMile-RTT: 1, 7, 18
X-EdgeConnect-Origin-MEX-Latency: 103, 103, 362
Cache-Control: max-age=1746
Expires: Sat, 03 Dec 2022 17:45:21 GMT
Date: Sat, 03 Dec 2022 17:16:15 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34 200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (4885)
Hash e804e74ab4f6a3891b6e077c7fefda3e
3fc81b710e730dc74e1d11d494894ca867bd681d
e72d94a3a4ee024f0ff57f6e70d26ec6775842b98f6284248b4b10919c30fbf8
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Dec 2022 17:16:15 GMT
expires: Sat, 03 Dec 2022 17:16:15 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10762916221325958541
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 16:41:08 GMT
expires: Sat, 03 Dec 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 2107
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Sat, 03 Dec 2022 18:53:42 GMT
Date: Sat, 03 Dec 2022 17:16:15 GMT
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=78036346&gjid=252811774&cid=2044555947.1670087773&tid=UA-53155910-2&_gid=1324354950.1670087773&_r=1&gtm=2oubu0&z=1420233702
142.250.74.110 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=78036346&gjid=252811774&cid=2044555947.1670087773&tid=UA-53155910-2&_gid=1324354950.1670087773&_r=1&gtm=2oubu0&z=1420233702
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=78036346&gjid=252811774&cid=2044555947.1670087773&tid=UA-53155910-2&_gid=1324354950.1670087773&_r=1&gtm=2oubu0&z=1420233702 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://popa.com.br
date: Sat, 03 Dec 2022 17:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Sat, 03 Dec 2022 18:53:42 GMT
Date: Sat, 03 Dec 2022 17:16:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Sat, 03 Dec 2022 18:53:42 GMT
Date: Sat, 03 Dec 2022 17:16:15 GMT
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=1695904406&gjid=620570082&cid=2044555947.1670087773&tid=UA-53155910-2&_gid=1324354950.1670087773&_r=1&gtm=2wgbu053M3F2B&z=769186139
142.250.74.110 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=1695904406&gjid=620570082&cid=2044555947.1670087773&tid=UA-53155910-2&_gid=1324354950.1670087773&_r=1&gtm=2wgbu053M3F2B&z=769186139
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=1695904406&gjid=620570082&cid=2044555947.1670087773&tid=UA-53155910-2&_gid=1324354950.1670087773&_r=1&gtm=2wgbu053M3F2B&z=769186139 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://popa.com.br
date: Sat, 03 Dec 2022 17:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 58731
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=1727028491&gjid=259934902&cid=2044555947.1670087773&tid=UA-18703232-1&_gid=1324354950.1670087773&_r=1&gtm=2oubu0&z=388575672
142.250.74.110 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=1727028491&gjid=259934902&cid=2044555947.1670087773&tid=UA-18703232-1&_gid=1324354950.1670087773&_r=1&gtm=2oubu0&z=388575672
IP 142.250.74.110:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=2102787568&t=pageview&_s=1&dl=https%3A%2F%2Fpopa.com.br%2Fwp-content%2Fplugins%2Fsuper-forms%2Fuploads%2Fphp%2Ffiles%2F14e6cd10cd0ab33f2dcae32bd76a33d7%2F31318458317.pdf&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20N%C3%A3o%20Encontrada%20-%20POPA.COM.BR&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEDAAUABAAAAACAAI~&jid=1727028491&gjid=259934902&cid=2044555947.1670087773&tid=UA-18703232-1&_gid=1324354950.1670087773&_r=1&gtm=2oubu0&z=388575672 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://popa.com.br
date: Sat, 03 Dec 2022 17:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Sat, 03 Dec 2022 18:53:42 GMT
Date: Sat, 03 Dec 2022 17:16:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 70008
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 22511
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 48175
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 44047
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 69909
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105 200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V600tz6McjYhbNnd_4ezFOwdgiitbICWfqYNDpZr2dWEITFahOhhHA==
age: 878769
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=popa.com.br
142.250.74.98 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=popa.com.br
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=popa.com.br HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 03 Dec 2022 17:16:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=popa.com.br
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=popa.com.br
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=popa.com.br HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 03 Dec 2022 17:16:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash e39ca1e2bd8346ad392ae341cdbca986
ecb5f8a2b1e95dc820f223b4d215c016ddb7beea
b68f2add7856746e3f53c1c238e50f24e61993a6e1f2a58aeb3faba8aaa7c344
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:16:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 06:43:22 GMT
Expires: Fri, 09 Dec 2022 06:43:21 GMT
Etag: "ecb5f8a2b1e95dc820f223b4d215c016ddb7beea"
Cache-Control: max-age=479825,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773df2f5bdcdb4ed-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash e39ca1e2bd8346ad392ae341cdbca986
ecb5f8a2b1e95dc820f223b4d215c016ddb7beea
b68f2add7856746e3f53c1c238e50f24e61993a6e1f2a58aeb3faba8aaa7c344
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:16:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 06:43:22 GMT
Expires: Fri, 09 Dec 2022 06:43:21 GMT
Etag: "ecb5f8a2b1e95dc820f223b4d215c016ddb7beea"
Cache-Control: max-age=479825,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773df2f5bbb50b55-OSL
script.hotjar.com/modules.90de377b639fd5b933d2.js
143.204.55.96 200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.90de377b639fd5b933d2.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 8766036825574dfbddbfc197bd098f6b
3c6087743e1b23d7f071f66d65bec1fdb143a2c2
89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DpM-_x978A9nfXaxME9dudtm10IqweX5uww2Iu-tjwAAJ4NyPItVuQ==
age: 185949
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 99c6e888e109cfca37de80b29e284001
3082cf79c611491ae64e5599f55e9e4908c457a6
19503ecb247142c34038b8ac5e0a5ab5bc7d94ef205beb3edde394275010e15f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&gjid=252811774&_gid=1324354950.1670087773&_u=YEBAAUAAAAAAACAAI~&z=1359787030
108.177.14.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&gjid=252811774&_gid=1324354950.1670087773&_u=YEBAAUAAAAAAACAAI~&z=1359787030
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&gjid=252811774&_gid=1324354950.1670087773&_u=YEBAAUAAAAAAACAAI~&z=1359787030 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://popa.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 17:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=popa.com.br&callback=_gfp_s_&client=ca-pub-0151911683781800&gpid_exp=1
216.58.207.226 200 OK 248 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=popa.com.br&callback=_gfp_s_&client=ca-pub-0151911683781800&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (389), with no line terminators
Hash 6db3c1352e6915a3f0cbbbf179ed121a
60f212bf8baa56cb1f89f910589d7679a4dfa4d0
d89c2c654c6a2cdce32efce245ca03a29e028bcc31edf9def8ee6275a71be985
GET /gampad/cookie.js?domain=popa.com.br&callback=_gfp_s_&client=ca-pub-0151911683781800&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 03 Dec 2022 17:16:15 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=1695904406&gjid=620570082&_gid=1324354950.1670087773&_u=YEDAAUABAAAAACAAI~&z=1800669412
108.177.14.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=1695904406&gjid=620570082&_gid=1324354950.1670087773&_u=YEDAAUABAAAAACAAI~&z=1800669412
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=1695904406&gjid=620570082&_gid=1324354950.1670087773&_u=YEDAAUABAAAAACAAI~&z=1800669412 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://popa.com.br
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 17:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
103.231.212.226 204 No Content 0 B URL HTTP/1.1 sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
IP 103.231.212.226:0
ASN #18229 CtrlS Datacenters Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/truepushSDKPlatfromDetails HTTP/1.1
Host: sdk.truepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://popa.com.br/
Origin: https://popa.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
X-Powered-By: Express
Access-Control-Allow-Origin: https://popa.com.br
Vary: Origin, Access-Control-Request-Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Sat, 03 Dec 2022 17:16:15 GMT
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 99c6e888e109cfca37de80b29e284001
3082cf79c611491ae64e5599f55e9e4908c457a6
19503ecb247142c34038b8ac5e0a5ab5bc7d94ef205beb3edde394275010e15f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&_u=YEBAAUAAAAAAACAAI~&z=1119127810
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&_u=YEBAAUAAAAAAACAAI~&z=1119127810
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&_u=YEBAAUAAAAAAACAAI~&z=1119127810 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&_u=YEBAAUAAAAAAACAAI~&z=1119127810
142.250.74.132 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&_u=YEBAAUAAAAAAACAAI~&z=1119127810
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53155910-2&cid=2044555947.1670087773&jid=78036346&_u=YEBAAUAAAAAAACAAI~&z=1119127810 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
103.231.212.226 200 OK 676 B URL HTTP/1.1 sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
IP 103.231.212.226:0
ASN #18229 CtrlS Datacenters Ltd.
File type JSON data\012- , ASCII text, with very long lines (1177), with no line terminators
Hash 094cfdc461e1a00faef3dd79196c0aba
d513ab081f96dd6b565366850fb4bd1aa478f2cc
54eff23932abf0f7941b0887b77d079ca7af7e2afb52cf61f8a750f42bf4a1cd
POST /api/v2/truepushSDKPlatfromDetails HTTP/1.1
Host: sdk.truepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 76
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://popa.com.br
Vary: Origin, X-HTTP-Method-Override, Accept-Encoding
Access-Control-Allow-Credentials: true
Content-Security-Policy: img-src * data:
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
Set-Cookie: XSRF-TOKEN=17dedbe2-357f-5636-b3dc-120dcfecced4; Domain=.truepush.com; Path=/; Expires=Wed, 22 Sep 2032 10:52:01 GMT
Set-Cookie: sessionId=7ef31ba2-2666-5271-9af7-04bf6bef22fb; Domain=.truepush.com; Path=/; Expires=Wed, 22 Sep 2032 10:52:01 GMT; HttpOnly
Set-Cookie: tp=j%3A%22638b8460c8110b3ec98979e3%22; Domain=.truepush.com; Path=/; Expires=Wed, 22 Sep 2032 10:52:01 GMT; HttpOnly
Content-Type: application/json; charset=utf-8
ETag: W/"499-zaw/SHwNdh5hj0a6g5Bm9Eu8wJg"
Content-Encoding: gzip
Date: Sat, 03 Dec 2022 17:16:16 GMT
Transfer-Encoding: chunked
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ebdcfd214693735e555b84af8032ed0d
32e7307811cdb7a987beeaa306492f98b4cdbbaa
b388b53ca7cb8fc79bc5b899a09cf6f4d97adee19dc65475e4e8efdcae48f5d2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168186
Date: Sat, 03 Dec 2022 17:16:16 GMT
Etag: "638b6a5f-1d7"
Expires: Mon, 05 Dec 2022 15:59:22 GMT
Last-Modified: Sat, 03 Dec 2022 15:25:19 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZeX9QaGmcUL5qRo8HcDKjugwYYWQ8PcNS4_kD7LZ6vgf98A8vK3ZLw==
Age: 2043
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash bb045ee4346b85d699158fdba8f84f64
ee5cf0d75cd678dc71c6083cc7ce68169c0fce2d
8b2dcab1627a9c21b66cd6ea676dd5b4b6a39bebf2cfafcc21f52b5221bb6a03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash bb045ee4346b85d699158fdba8f84f64
ee5cf0d75cd678dc71c6083cc7ce68169c0fce2d
8b2dcab1627a9c21b66cd6ea676dd5b4b6a39bebf2cfafcc21f52b5221bb6a03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
172.217.21.161 200 OK 10 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
IP 172.217.21.161:0
Hash dde93bda736e8f5dc0cc0f68f287c2d0
1ea94136d2587b448886f96ff13e24b038102005
c73b58a19903c3581acc783bac2f136161a93139ddeda011c40797bfdd7ced8b
GET /pagead/js/r20221110/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9428
x-xss-protection: 0
date: Sat, 03 Dec 2022 13:29:36 GMT
expires: Sat, 17 Dec 2022 13:29:36 GMT
cache-control: public, max-age=1209600
age: 13600
etag: 246362764157784863
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161 200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Sat, 03 Dec 2022 15:59:33 GMT
expires: Sat, 17 Dec 2022 15:59:33 GMT
cache-control: public, max-age=1209600
age: 4603
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.3 200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.3:0
File type C++ source, ASCII text, with very long lines (1833)
Hash bf18e06fe996d8e32931955996f6f9f9
83b00b5650cf50deb2c305d4382f06a42b63fb32
a9b7ee4074a79df10d3f9eb1d4dffd8f08d1c46883cca461ef023c00b7c71f88
GET /mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14157
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 15:24:06 GMT
expires: Thu, 02 Mar 2023 15:24:06 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
content-type: text/javascript
age: 93130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ws28.hotjar.com/api/v2/client/ws
52.18.72.203 101 Switching Protocols 0 B URL HTTP/1.1 ws28.hotjar.com/api/v2/client/ws
IP 52.18.72.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws28.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://popa.com.br
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cN7GFgbHFM2vNJHj23Dgsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 03 Dec 2022 17:16:16 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C/kNPqgX6XjZWVPiXbESNup2bHI=
Sec-WebSocket-Extensions: permessage-deflate
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 436b46a2eea584bd8ec1dba5603c8659
fed437d1919af63f9d58396f318568aadae3d868
fff21dd129f35807bfc29c6582661a79e764238076e540968b57fcad18811566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: bfb5f288-4467-467a-9b30-1055a4e6bc54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPeE4nIAMFvnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2f-53a5a66704157f4e003ecfa4;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:35 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lUqXgbpEaZh9DO_rv0K5pzHUAF1DsASkKYNTU6t5AUWZjHNV9LRojA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:05 GMT
age: 69317
etag: "fed437d1919af63f9d58396f318568aadae3d868"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.mailerlite.com/css/universal.css?v4
104.18.12.69 200 OK 0 B URL HTTP/2 static.mailerlite.com/css/universal.css?v4
IP 104.18.12.69:0
GET /css/universal.css?v4 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 09:34:48 GMT
vary: Accept-Encoding
etag: W/"63887538-30e"
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
age: 3703
expires: Thu, 08 Dec 2022 17:16:14 GMT
cache-control: public, max-age=432000
server: cloudflare
cf-ray: 773df2f1aa6db51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
track.mailerlite.com/webforms/o/2467402/w3s4x5?v1596797844
104.18.12.69 200 OK 0 B URL HTTP/2 track.mailerlite.com/webforms/o/2467402/w3s4x5?v1596797844
IP 104.18.12.69:0
GET /webforms/o/2467402/w3s4x5?v1596797844 HTTP/1.1
Host: track.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:14 GMT
content-type: image/gif
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 773df2ee3de6b51b-OSL
X-Firefox-Spdy: h2
static.mailerlite.com/data/a/2259/2259544/universal/t5e9l6m1i2_popups.js?v=1670087772
104.18.12.69 200 OK 0 B URL HTTP/2 static.mailerlite.com/data/a/2259/2259544/universal/t5e9l6m1i2_popups.js?v=1670087772
IP 104.18.12.69:0
GET /data/a/2259/2259544/universal/t5e9l6m1i2_popups.js?v=1670087772 HTTP/1.1
Host: static.mailerlite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:15 GMT
content-type: application/javascript
last-modified: Sat, 21 Aug 2021 22:19:49 GMT
vary: Accept-Encoding
etag: W/"61217c05-19a7"
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: MISS
expires: Thu, 08 Dec 2022 17:16:15 GMT
cache-control: public, max-age=432000
server: cloudflare
cf-ray: 773df2f1aa6fb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
109.106.248.113 404 Not Found 0 B URL HTTP/2 popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://popa.com.br/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.7.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.7.3
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.7.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 17:16:14 GMT
date: Sat, 03 Dec 2022 17:16:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2345310/visit-data?sv=7
34.254.47.228 200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2345310/visit-data?sv=7
IP 34.254.47.228:0
POST /api/v2/client/sites/2345310/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:16 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
ws28.hotjar.com/api/v2/sites/2345310/recordings/content
52.18.72.203 200 OK 0 B URL HTTP/2 ws28.hotjar.com/api/v2/sites/2345310/recordings/content
IP 52.18.72.203:0
POST /api/v2/sites/2345310/recordings/content HTTP/1.1
Host: ws28.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 286439
Origin: https://popa.com.br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:16:16 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
popa.com.br/wp-content/themes/Newspaper/style.css?ver=8.7.3
109.106.248.113 200 OK 0 B URL HTTP/2 popa.com.br/wp-content/themes/Newspaper/style.css?ver=8.7.3
IP 109.106.248.113:0
ASN #47583 Hostinger International Limited
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Newspaper/style.css?ver=8.7.3 HTTP/1.1
Host: popa.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/wp-content/plugins/super-forms/uploads/php/files/14e6cd10cd0ab33f2dcae32bd76a33d7/31318458317.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 17:16:14 GMT
content-type: text/css
last-modified: Sat, 24 Apr 2021 11:22:14 GMT
etag: "1195b8-6083ff66-bb41099e7924ba22;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 17:16:14 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2345310.js?sv=7
143.204.55.98 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2345310.js?sv=7
IP 143.204.55.98:0
GET /c/hotjar-2345310.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popa.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 17:16:15 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/bfbfd1ffb066a742b6599b181f2b03cd
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XZt-GMNu4onlBMn1HFXtNIFLXj6M_R_2lSs2YSR60HiN8L2EfR5Ddw==
X-Firefox-Spdy: h2