r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9346
Expires: Thu, 08 Dec 2022 08:32:15 GMT
Date: Thu, 08 Dec 2022 05:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Thu, 08 Dec 2022 07:56:54 GMT
Date: Thu, 08 Dec 2022 05:56:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 05:08:09 GMT
content-type: application/json
age: 2900
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11382
Expires: Thu, 08 Dec 2022 09:06:11 GMT
Date: Thu, 08 Dec 2022 05:56:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5UtZ9RwFgvxhEgPYDydojep0exWuqU5oYqPUe4+BD1c5qREx8JO/4BZJalAKcMtLGNFEu3AVdDA=
x-amz-request-id: 15BW95QZG6NSJRB5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 05:49:40 GMT
age: 409
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:56:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
seguro.geniodescontos.com/
301 Moved Permanently 134 B URL HTTP/1.1 seguro.geniodescontos.com/
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: seguro.geniodescontos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 05:56:29 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.geniodescontos.com:443/
X-GoCache-CacheStatus: BYPASS
Server: gocache
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 05:07:55 GMT
age: 2915
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9c552dc846896054946423449672adbf
3b7bd4416bdfe90ffdd506de8a699b562200244f
a94303c3c7e10808fbccb0113a8ab8954ac88c94d7511653efc38059bf816144
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A94303C3C7E10808FBCCB0113A8AB8954AC88C94D7511653EFC38059BF816144"
Last-Modified: Thu, 08 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 08 Dec 2022 11:56:30 GMT
Date: Thu, 08 Dec 2022 05:56:30 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3852
Cache-Control: max-age=101672
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:30 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:11:02 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MdxBShKnl8w7tg/xGdjz+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /cz0Mf+KpZO0u0UYKsjhjwF7t54=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15824
Expires: Thu, 08 Dec 2022 10:20:15 GMT
Date: Thu, 08 Dec 2022 05:56:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15824
Expires: Thu, 08 Dec 2022 10:20:15 GMT
Date: Thu, 08 Dec 2022 05:56:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15824
Expires: Thu, 08 Dec 2022 10:20:15 GMT
Date: Thu, 08 Dec 2022 05:56:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 24226
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 78080
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 17:39:05 GMT
age: 44246
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00cdac5a7f801c10e53b8651ceb94c46
d83d7a30038bbf534c531c3786c3458c66d6504a
4d767e2c8aee11a230ecbb4c5c2339a65ca380e87b713f2ad6c1efc02df07238
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: 153e9d72-d9e1-498e-b74b-f4fad27f4efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pHs4oAMFYYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-44aa3006114060145bd0b16d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZsZPiQ026zur9XITdqX8eyH813-2rXyG6RrSLF4pZ4Wtk4mQJZd1SA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 29099
etag: "d83d7a30038bbf534c531c3786c3458c66d6504a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 23996
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 29099
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cb4dd119f7430c320eac60b72355bd8c
e5694c4e08731720fa303127f2f4b2fe5ab9fba9
116e36f240390df2689f722ba0174ff342f7c6ce3a6b91853342c93def2a0825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seguro.geniodescontos.com/cart
200 OK 31 kB URL HTTP/2 seguro.geniodescontos.com/cart
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58455)
Hash 12b08a5bc7036a67c615f63e72bf323e
5204daafb5726028a33bd734065ce9dccf368db4
e503073daa62a8524c01234bbb84f7de34cc443e9999482d5b665802ba6ca82b
Analyzer Verdict Alert fortinet Phishing
GET /cart HTTP/1.1
Host: seguro.geniodescontos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ik5tK0VqUzI5cmNhbDQwRHZUSVA2SUE9PSIsInZhbHVlIjoiN3ZRc1B4XC8xaUtWUGxlMUN0bnNCWTJicWZvQzU4UWZEOUx5TjBORUYwSzdRTFBLUGtRZ21TU1M5RXVXNVIwWmNsdWM5SmcyYmljRVlVbUtKTVoxbTJRPT0iLCJtYWMiOiJjODA4MThmZGI5NDMyOWNkYjY3MGQ3MTYwNGEwYTM1ZmVjMTQzMGVjOGM1YThmOWRlZGI0NjJkMGExNGMyZDI1In0%3D; bubbstore_checkout=eyJpdiI6IjhrbllyZ013S0oxcnkyNUV0TDZSWHc9PSIsInZhbHVlIjoiZlN1TFRQa3MySEhUMndDWGQrcDR5dHlJXC8xK1wvQkN3YjRVVmtIUWRuRmtwcFd4V0dyNll4RzhBdVlRTVwvVUwyRHh2SjYzcXpHaFZ0NzlzNmVpbnA5RGc9PSIsIm1hYyI6ImE1NzM3MGQ4NzNjODA1MGY1NTI2MWRiYWEwYjE0ZjU2NjI4Y2UyZWNkYjM1YjY0YzRkZWM3N2I1NjQyMDVlMmEifQ%3D%3D; geniodescontos_cart=eyJpdiI6IkhpVHM2eTlPOVRCUldMSnRHV0RqVHc9PSIsInZhbHVlIjoiXC9rU2h2ZGZ4MGo1MDhveGo0d01ZdWw4dXVUMDJ4ckxkZzlwRmVOOHE1bGg3MWJ4ZVNBS1NGY05hdjVxWVpuaUlWcXZHTHdaZnhRMFVsaGlmQTdtYXFnPT0iLCJtYWMiOiIyYTVjODNlNGExMWIyYjJjMDhjMWVjMGQ2M2QzYWRkNDE3N2NkN2FlNWI0YTg4MTAyZjBmNjMwYWZhMjA5ZTJhIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:31 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkxMSGo0VEpQWlBnRnhrOWF0K1IwT1E9PSIsInZhbHVlIjoiN0hSeXpMTHJWUnVSZjV5V3BwRURSbjRxOXZ5cThmUXJpd2Z4QVV3am9HQjhLdCtOZ2dNRkpqSzRGbStqSXRGUGd4NnA5cnZmUW5zZ1wvRmVscWVSTVZnPT0iLCJtYWMiOiI1ZTllMGUwOTI4Y2NlZDNjODBkZjkxNGEzZTlkOWRjZDI0OWMxYzU2YzVkYjY4YzFmNTk2Zjg2ZDUxYmUyOTA3In0%3D; expires=Thu, 08-Dec-2022 08:56:31 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjM4QVBydDVCcXYyQW9lTXFNcXZrRmc9PSIsInZhbHVlIjoiYmxld0JJVTREOGZSK2hrV3RBZjVUbXMrZFRjTGVFNXVBN1FPR083dnJzUHBRS05Ha3dmZmlUWkFPNVwvbXNFa25CRlY3ZzRkQXMyZGJaNkl3VGR0OHpnPT0iLCJtYWMiOiJhMjJhZTI1NTEzNmJhMDMwMWZhNzI2NjA4NjI0ODE5MWNlODc0MTY0ZTg5MzczNWMyMzQwNGU3ZDk3YjNjMWM2In0%3D; expires=Thu, 08-Dec-2022 08:56:31 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 8fa43933082dc6355570357a37d8f283
82a0aa54e90db71c1407008664ed2870eeef0f8e
99d3f3352fc4830d1045187d7150a04f6a965f752abf7234b7203487644a2e03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "6390ad73-117"
Server: ECS (amb/6BC7)
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 78f711ff8066d407896220d52be06a70
35d1af306739c7c6a1baa1644f6c900b9b706173
cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "6390141b-118"
Server: ECS (amb/6B73)
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 78f711ff8066d407896220d52be06a70
35d1af306739c7c6a1baa1644f6c900b9b706173
cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166926
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "6391659e-117"
Expires: Sat, 10 Dec 2022 04:18:38 GMT
Last-Modified: Thu, 08 Dec 2022 04:18:38 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 78f711ff8066d407896220d52be06a70
35d1af306739c7c6a1baa1644f6c900b9b706173
cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166926
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "6391659e-117"
Expires: Sat, 10 Dec 2022 04:18:38 GMT
Last-Modified: Thu, 08 Dec 2022 04:18:38 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 78f711ff8066d407896220d52be06a70
35d1af306739c7c6a1baa1644f6c900b9b706173
cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166926
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "6391659e-117"
Expires: Sat, 10 Dec 2022 04:18:38 GMT
Last-Modified: Thu, 08 Dec 2022 04:18:38 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 471 B IP
Hash da956e057260390fdb0f031611642013
9a6e98aab555fffbb13725ed243d0710de42946f
bde9720713f98ab261e1c89c5981a26ae8120ba67a48d7e0c7214ebeca9529c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1927
Cache-Control: max-age=158100
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "63913b9d-1d7"
Expires: Sat, 10 Dec 2022 01:51:32 GMT
Last-Modified: Thu, 08 Dec 2022 01:19:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
icons.yampi.me/svg/card-billet.svg
200 OK 711 B URL HTTP/2 icons.yampi.me/svg/card-billet.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352)
Hash e5b027014a703772a19221eed6056b20
f5d3cbb3e784033935e6af41169bf06b3d76abc5
6076e2f0cb772befb58377a86fbdbf2150e46796addf551619c34f7203fe2c9d
GET /svg/card-billet.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-537"
expires: Wed, 07 Dec 2022 21:48:01 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: B624:951E:28C413:39D119:638600D9
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669737065.338189,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 5ef39e1cfcffe0244c1c66c317e2af13f4ac182c
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o13VoTejTvgqpOUzYuYt2hzduEB5Jjrmnaet1TQ5Nr5iqoWzB8Zu1AQg2w3LOsK0HR45Yef%2BaVv5HjygFvdo9R4ZFxQB8jXF2BTIwFC%2BZIIarxkd3%2F%2Bjl2sPOJE7oyqo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de240b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 391b769178630d6c94b3fb41da9fb1c3
37949562917934683baafe5c56efb8a6db6e9fd3
69dc0137800ab9a5a6280e2f666ad202efc035b7035e6f57523041bc6ec34ccb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141756
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "6391034c-1d7"
Expires: Fri, 09 Dec 2022 21:19:08 GMT
Last-Modified: Wed, 07 Dec 2022 21:19:08 GMT
Server: nginx
Content-Length: 471
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash eaf4d51232f487b1786c03513f0e1384
6deb1c0da314cb02ff0b74d547076fd65c578064
1dfeced821bfa8563f8d969c5826d0133f148a2ac447017273c62bfa049f3dda
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142417
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "6390ef85-1d7"
Expires: Fri, 09 Dec 2022 21:30:09 GMT
Last-Modified: Wed, 07 Dec 2022 19:54:45 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2qH_XYkLUB504F0f6E4WUTvS1FDYJuUaRn-DDalB7akits8xrxw-mw==
Age: 5724
icons.yampi.me/svg/card-pix.svg
200 OK 1.6 kB URL HTTP/2 icons.yampi.me/svg/card-pix.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1048)
Hash cee216c66e44ba3fe107f9ba56d5134b
c1a96f3665b1bdf1d9fc56c1024db836718b29d8
cc77cc67d8556d0bde32c7636f60dd93894cea32d7f50a3b47f2684037a1367d
GET /svg/card-pix.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-a56"
expires: Wed, 07 Dec 2022 02:59:20 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 766A:13121:3D3E95:3F4A87:63897710
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669987625.551040,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: a42f2a3ba5266ae17bacd44295b0cf2ffd41a82f
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZ3Go8WYNHN2CYJEyeDF5vq0ZuK1SGdL6wnxXTWipFiMuqQlfOGGFB9RQzcuMMgQqHDnoXJEQsZ1Guc8rjqus%2BrX66H3EWKvKdYLA3WUHKBb4FYAptpQ8TZpW4JLMo5N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de290b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-elo.svg
200 OK 35 kB URL HTTP/2 icons.yampi.me/svg/card-elo.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1575)
Hash 3f115db9be9d1c6ec66f8160053a437f
3a44254e9baab9cf9de80405103950e929c572c9
925119a785118d36d094628258b63766986d93c00811cfb10aa34239489d9e16
GET /svg/card-elo.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-c43"
expires: Tue, 06 Dec 2022 22:06:28 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 860A:48DA:C481D0:1141E0E:6388F2D8
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669987625.544549,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: 2102c16660ef18add7da14e6b6c497c79b846521
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIzXtZkoSj2rKnGE28Sjxc8mWFNKL0XecnYYHI6lSIFAf1uauFsV22sQtZ%2B%2BRQsm4TIQINRzP8tvZkpz4p6aCWw7u08ehW%2BO7PhHwrhqXJazEyg6pdyH1y3jHj95zr4r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de250b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
icons.yampi.me/svg/card-mastercard.svg
200 OK 846 B URL HTTP/2 icons.yampi.me/svg/card-mastercard.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352)
Hash b22ca92ec4a60de3b381df9910b6d140
96aad71de915d7eb3c01fb2901b94809165bf9df
15494ebb21111247db02446bdc15e2c0d882273c93b808055594f3044a87d3f1
GET /svg/card-mastercard.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-5b3"
expires: Thu, 08 Dec 2022 04:23:00 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 29F0:787E:186AB6E:192450A:63891D29
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669930626.794607,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: ca6076340eac584c57d7f684f0a4505104fdb18d
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbvYW3noCxNbaw05VTy5kVTdljxvBdNYWhhs1cETN8IiQ%2BaOI3FbA9dKf%2BTGbw8q6lXUiaFtubNvX7DwK%2FBEV%2F8%2BRZBwJMMGMzXfF%2FJPQG7xxjL%2FKSz3HrPUiD6TRBAn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de2a0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/628c0b2487184/628c0b248718a.png
200 OK 17 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/628c0b2487184/628c0b248718a.png
IP
File type PNG image data, 200 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 1eb32f1c1b08b524bfb234ba97aed60a
15514dfa63cda7565387c1516cfca09888ed751d
42d6adb7b5900d855c21e984032d83acace1542115220c253c44b409089cb919
GET /king-assets.yampi.me/dooki/628c0b2487184/628c0b248718a.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: pIyt+nBZ6hBY8qr5IQR6gfVq/X9aCgoh7GdIy+U2IUhoteswp7gG5Fk66CHh2x4uYnJyoH2TMjM=
x-amz-request-id: KYX8CYVVWM0PSZ23
Date: Thu, 08 Dec 2022 05:56:34 GMT
Last-Modified: Mon, 23 May 2022 22:31:01 GMT
ETag: "1eb32f1c1b08b524bfb234ba97aed60a"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 16619
ocsp.digicert.com/
200 OK 471 B IP
Hash a3ee107b7fdef0a7035bda032afd8c77
711e60436b744796ca1248479bd8618b03626297
643c1505fb3c5d0fa275a8880d233b6d21fad52c261268840459299b565dcbc3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160839
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:33 GMT
Etag: "63914dd8-1d7"
Expires: Sat, 10 Dec 2022 02:37:12 GMT
Last-Modified: Thu, 08 Dec 2022 02:37:12 GMT
Server: nginx
Content-Length: 471
awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25
200 OK 27 kB URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 8915ecae847203dd00598297cb8fb6ce
7b3feb35efa2ce69d426c43ed55b84b0a354ed5a
77525c22c5d25c7c93944e4580e1a6ef55c882ceaf312b729aeda4f19a7c6c46
GET /checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: text/css
x-amz-id-2: YA1eDbyiFw9F7lvoHKFMrUFI+rzs4fWeaPTK8HBrcIojzp1Ze0GAqZwjGyO3EOKzm5Y2nWL5dqs=
x-amz-request-id: P208087TQ0JZ3MS4
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: 5lxShk4xe0C8IXXkoQQWK8S_0jFPf.GV
etag: W/"78c7a473b51f1cc2067d1b8860950b25"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF8e%2BK%2Bg5xhWoyLB%2BooqI61zKn5w0jZ0RUdIInK9L%2BHwk3nnTs4u99LC%2F1v%2FhsEaTGvEHh56Np9%2B1WH5kp%2F3y7PF5gz1y9Mc16WecjRwyCDdXPiOCX9SKDuIPT9a25rWXLHh7U%2FLqxX%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77634226ce1a0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/web_device
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.geniodescontos.com/
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:33 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.geniodescontos.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 457acce7-0a6c-448c-ab07-b01ae20db0c7
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-15,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 1ac68f0dbdb1157f
x-b3-traceid: 1ac68f0dbdb1157f
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-15: VCzEeTxWrytkSxD1Zht2K5AxBCD2KeG/Y8dIytpr+ZH5D4KjWeSdYsp1I3YBeqic
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
www.mercadopago.com/v2/security.js
200 OK 2.1 kB URL HTTP/2 www.mercadopago.com/v2/security.js
IP
Hash 76b7a19cce36e2df0abba17a522f3c1b
bb885a3be81c4b04bb6869263aee56944e1716cf
ed62ffd84809069de66b803b0af67fe57e3fd279fd1661a8a18aef7405bf81a5
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 08 Dec 2022 05:56:32 GMT
set-cookie: _d2id=320f36db-1440-46fb-b092-1e6e50375f4e-n; Path=/; Domain=.mercadopago.com; Expires=Fri, 08 Dec 2023 05:56:32 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: 320f36db-1440-46fb-b092-1e6e50375f4e
x-request-device-id: 320f36db-1440-46fb-b092-1e6e50375f4e
x-d2id: 320f36db-1440-46fb-b092-1e6e50375f4e
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rSo4NahzjrHbFNu8ocNVe5DIlxCUpKOv7X1r4TY5P_Uh3-kR-uEz6g==
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-visa.svg
200 OK 2.5 kB URL HTTP/2 icons.yampi.me/svg/card-visa.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1343)
Hash b8de25fdfbb643aecb10bb77ec40b21f
bd11828f48f8477a61eaa133b7b880b3946ccbec
bb7e093d49bc5d58fd4fe5b10958655b1b7ab0ecbbd15811427beb29db3e15fd
GET /svg/card-visa.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-1288"
expires: Thu, 08 Dec 2022 02:03:25 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: F28A:7C67:2CB1DE:3DC102:638600D9
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669728865.256778,VS0,VE5
vary: Accept-Encoding
x-fastly-request-id: 43c5906117beb3c5fd37cf057680716d20298606
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVtz8CJ%2FTj4cwu0z%2BHVdVI83kvNIU0h45VBQPTKjjE5eANsO7LhLEX6%2FD1h3a6q80OCwnmsabbYVhkqIQmxVmjF62aiN67nVaRUvFq0yddP6NjUj37gcjsdKxpdGzBy5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de1d0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-diners.svg
200 OK 1.5 kB URL HTTP/2 icons.yampi.me/svg/card-diners.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1368)
Hash 180febff22691e1c708bf9555271a102
38e5c665a989f6556cdfce713abe260fc0f63518
d0edc776a98f31b8b0e564a8a26240c8d9a45a3d3405847cf089c97c93cf2cc8
GET /svg/card-diners.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-99b"
expires: Wed, 07 Dec 2022 08:07:35 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 954C:7A85:27A62D:38B276:638600D9
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669736548.174335,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: 6e20954df562034587119bfdcf51dbb1d4a09617
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOSODkoRRJyTOE6AmR%2Fe5WuO%2FGUD1qjrfJZnZSH5A7Cwtx%2BA2fZzrh1VhZfnV6Co1IbZVVCPDlbYUg2aADKWKYBNkLIkVf9OiOeHlBKjvQ1J7bcfXQut11S7OaZZwgMr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de280b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8fFN8nUCv8OJ8HENE5O1/nWgX9WOyCa2af0A8jopTe6LmLTY/Vb0BPZjsn2LVZepS6rAxb0YABg9av1f3osqfA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Thu, 08 Dec 2022 05:56:33 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 04:41:08 GMT
expires: Thu, 08 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 4525
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7d047c6733f9c8d5998cae08d314f084
c23a8dce8a76dd01e22650fc1c19af2bae963008
d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4007
Cache-Control: max-age=167323
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:33 GMT
Etag: "63915785-1d7"
Expires: Sat, 10 Dec 2022 04:25:16 GMT
Last-Modified: Thu, 08 Dec 2022 03:18:29 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 58591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=488946556.1670478993&jid=308282033&gjid=1051377563&_gid=742131197.1670478993&_u=IEDAAAASAAAAAC~&z=1427206422
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=488946556.1670478993&jid=308282033&gjid=1051377563&_gid=742131197.1670478993&_u=IEDAAAASAAAAAC~&z=1427206422
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=488946556.1670478993&jid=308282033&gjid=1051377563&_gid=742131197.1670478993&_u=IEDAAAASAAAAAC~&z=1427206422 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.geniodescontos.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Dec 2022 05:56:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/6241c3873ebcb/6241c3873ebd1.png
200 OK 17 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/6241c3873ebcb/6241c3873ebd1.png
IP
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash d96baf4dc5e691fdf692bc4adcec306c
faf590ff05158dd093890bed2a6128d1cdf26c91
add4d5437b922339bc2e8802f8aaa292faa9d89a5dcf9a485156b6adba1c50b1
GET /king-assets.yampi.me/dooki/6241c3873ebcb/6241c3873ebd1.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: g1jdxP+CrEk8SqNbQIaQ7IOqiqm82iYlFdONnmZt5cIYJ9FJIGiF3b9vdcux+TlmgeMt20Lgd2Y=
x-amz-request-id: KYXDR8QGAVJ66AGF
Date: Thu, 08 Dec 2022 05:56:34 GMT
Last-Modified: Mon, 28 Mar 2022 14:17:44 GMT
ETag: "d96baf4dc5e691fdf692bc4adcec306c"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 17371
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seguro.geniodescontos.com/cart/recomm
200 OK 1.1 kB URL HTTP/2 seguro.geniodescontos.com/cart/recomm
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1363)
Hash 2a2f06fdc912cdc6301be31e27e31b10
7d7a2506602d7b8a049981a118d2d32114c43738
00d0f4aa6282ee8f42dc06eecd03c7f214e9935784e4c8bfcbbfa05fd768f480
Analyzer Verdict Alert fortinet Phishing
GET /cart/recomm HTTP/1.1
Host: seguro.geniodescontos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImJkZTZmMDRlNmU3YTg2YmYiLCJ0ciI6ImVkNzg2NTZiNTc0ZGQ3YzE5YzNhMzFmNmUyZGVkMjcwIiwidGkiOjE2NzA0Nzg5OTI1NTh9fQ==
traceparent: 00-ed78656b574dd7c19c3a31f6e2ded270-bde6f04e6e7a86bf-01
tracestate: 2935249@nr=0-1-2935249-1134170823-bde6f04e6e7a86bf----1670478992558
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/cart
Cookie: XSRF-TOKEN=eyJpdiI6IkxMSGo0VEpQWlBnRnhrOWF0K1IwT1E9PSIsInZhbHVlIjoiN0hSeXpMTHJWUnVSZjV5V3BwRURSbjRxOXZ5cThmUXJpd2Z4QVV3am9HQjhLdCtOZ2dNRkpqSzRGbStqSXRGUGd4NnA5cnZmUW5zZ1wvRmVscWVSTVZnPT0iLCJtYWMiOiI1ZTllMGUwOTI4Y2NlZDNjODBkZjkxNGEzZTlkOWRjZDI0OWMxYzU2YzVkYjY4YzFmNTk2Zjg2ZDUxYmUyOTA3In0%3D; bubbstore_checkout=eyJpdiI6IjM4QVBydDVCcXYyQW9lTXFNcXZrRmc9PSIsInZhbHVlIjoiYmxld0JJVTREOGZSK2hrV3RBZjVUbXMrZFRjTGVFNXVBN1FPR083dnJzUHBRS05Ha3dmZmlUWkFPNVwvbXNFa25CRlY3ZzRkQXMyZGJaNkl3VGR0OHpnPT0iLCJtYWMiOiJhMjJhZTI1NTEzNmJhMDMwMWZhNzI2NjA4NjI0ODE5MWNlODc0MTY0ZTg5MzczNWMyMzQwNGU3ZDk3YjNjMWM2In0%3D; geniodescontos_cart=eyJpdiI6IkhpVHM2eTlPOVRCUldMSnRHV0RqVHc9PSIsInZhbHVlIjoiXC9rU2h2ZGZ4MGo1MDhveGo0d01ZdWw4dXVUMDJ4ckxkZzlwRmVOOHE1bGg3MWJ4ZVNBS1NGY05hdjVxWVpuaUlWcXZHTHdaZnhRMFVsaGlmQTdtYXFnPT0iLCJtYWMiOiIyYTVjODNlNGExMWIyYjJjMDhjMWVjMGQ2M2QzYWRkNDE3N2NkN2FlNWI0YTg4MTAyZjBmNjMwYWZhMjA5ZTJhIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:33 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjZ0WVNucG56SVFuR0NwYkdVT2tVYUE9PSIsInZhbHVlIjoiVlc2UFVFNG44Z3ozTExKZFBJVUZhTzgwSXJCaGMxK1pQUWdJaDRDMXFcL0dUdDhxUUN0MVRrQWxEVHJjMk9MSHl1MnV6UUlnNFwvOW45cFhSZFlBNGtLQT09IiwibWFjIjoiMjBlYzA2YTc4NmZhMmU5MzdkZWQ5ZjVlMzRkMWZiN2E2NDAzNjNlNjczYmVkNzhjMTM0ZWU0ZjIyMjFkYTgzNiJ9; expires=Thu, 08-Dec-2022 08:56:33 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImgxM1FDNHFTMk41VENibWdld1wveGhnPT0iLCJ2YWx1ZSI6IkhCM3ZPRE1NdTl2aTQwalIyQ3hIMkRpeWU4WVwvXC84M3dqQWw1WkF6MEhldFJXOE5MZUlveHMrVURNVVRCY1g5V1wvbHhTNVNEbmNsTHNINVo4a05KUVwvZz09IiwibWFjIjoiOTEwMDY1NmJlMTk0ZTc0OTkwMTFiMzZiZmU2Mjk0NTRlODkzNGM4YzRmNzI3MWEyNzA2ZWIyMmVlZjZkZDIyZiJ9; expires=Thu, 08-Dec-2022 08:56:33 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAYCAFcVTABNEQBdVQdSA1MKBARTAwZUBVVESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 21817b6db36f4d8b9553aa0c07b067cf
583df100008d196bd89b6dea970297d289a883e2
b92a874ddad34cee3abb99bc4d999ddf049e22f0408a851a3988b588964724bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6390a0be-116"
Last-Modified: Thu, 08 Dec 2022 05:56:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b8d79685682ab0684ebcd9873dc9f1ad
de00fe0fd4b99a98433a0161801244047115d456
42212f48d6d7f7e7fb0a771330dca03001c513a90364a2e5a0b69813ad0bbecf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.yampi.io/ana/ana.min.js?t=1670544000000
200 OK 2.8 kB URL HTTP/2 cdn.yampi.io/ana/ana.min.js?t=1670544000000
IP
Hash 977e082909047af43f6fc3c14e6d3a6a
a96b7cb326a26e57bf2d1df5a53d71fd87f61560
77b194a7d75211239911e6e96fe20083248625695c883c742c182c7edd1a0b20
GET /ana/ana.min.js?t=1670544000000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: application/javascript
x-amz-id-2: NZHiLZW4twuru4tKGhmbL7JzAi95213yXe9rCr8VQG4FFlPjBye9z3yZDgj6DTdNXARYFilVoC8=
x-amz-request-id: 5PEBWPXMEJAWBRCH
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
expires: Fri, 08 Dec 2023 05:56:34 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7763422b59c3b50b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 389 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash e7d4460e7879780be78a44f1c1450b12
590b9502418e56fd14e55903b35ce6ea06d574c1
496dd04f318875c923f121e34b6d11d33f61eda38a64959316be5b048bf9af36
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 05:56:34 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1728490719%3A1670478994129347&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4SRGrFLSrYB01DPHHiTXdfHpcL7yuFNJfcyhHUOZHr5et1SByyWIlyzvQ9baJ-V4xWKOly
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-soXn4EMad0VKUIzpX0Eicw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:lEqOaVDDZ0iwzeEIB6y7JESYkBAgug:glLwJ4-rKgFVD7pR;Path=/;Expires=Sat, 07-Dec-2024 05:56:34 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mercadolibre.com/jms/lgz/background/etid
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Thu, 08 Dec 2022 05:56:34 GMT
server: Tengine
set-cookie: _d2id=a617eda8-3f65-40e5-b258-1d2b096305a4-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:34 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: c68e1f83-352f-4ca3-ab7c-4beebb174f80-1670478994220
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: a617eda8-3f65-40e5-b258-1d2b096305a4
x-request-device-id: a617eda8-3f65-40e5-b258-1d2b096305a4
x-d2id: a617eda8-3f65-40e5-b258-1d2b096305a4
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 b734db9b28028c2ed717c3d72b3b45b8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: UoZAQyCgM5UrDlhkFeXgCCMaBuKmSd6Gun-mVwQXbfrkfppqnqBDYg==
X-Firefox-Spdy: h2
js-agent.newrelic.com/552.2d6a2503-1220.js
200 OK 92 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (64471)
Hash 9480c0709862437ca40fdf6fb0ccb4aa
05dcb029c7818c1f4e0319e80fcd3017aa4e78ef
b4e4bc72b1fd302a1a9c85aa63b649f32d280d5e8168edbb51b0f9b85aba6e03
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1679
x-timer: S1670478994.404989,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 71d3fd8e585583208a0c2603d8ce77fa
8544b1c463c6ececb140cb7d38266614188e6cd1
8c9c9adf95bbbfa01377442870aa73016ed1393d82e29848d02b30d5987b3f99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=142097
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "639104a3-1d7"
Expires: Fri, 09 Dec 2022 21:24:51 GMT
Last-Modified: Wed, 07 Dec 2022 21:24:51 GMT
Server: nginx
Content-Length: 471
js-agent.newrelic.com/290.2d6a2503-1220.js
200 OK 3.4 kB URL HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (8544)
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1044
x-timer: S1670478995.794166,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1660
x-timer: S1670478995.794314,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1972
x-timer: S1670478995.794463,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1670478995.794719,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
js-agent.newrelic.com/39.2d6a2503-1220.js
200 OK 2.8 kB URL HTTP/2 js-agent.newrelic.com/39.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (7169)
Hash a0a406e7bdf3e14f047e46bcea27640c
c1fbc88d260f16a092c1b7b0e58e4291401478e8
2309d4e82574d5402ec3454a76051987336fe3b4e4d546f6565a3a443c6d4049
GET /39.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: KxfPNXIQ38SSfzz490TMAo2ltA9W5l6OlU9HI6h8SfmvQBHsTP/3JrzkCdnsVJAOdxSfq1TwUMk=
x-amz-request-id: ESHWVX2RDYQJKTJS
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 791
x-timer: S1670478995.794956,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2755
X-Firefox-Spdy: h2
js-agent.newrelic.com/0.2d6a2503-1220.js
200 OK 2.3 kB URL HTTP/2 js-agent.newrelic.com/0.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (5198)
Hash 852267b16c136b977ccd94900c6c6308
e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16
9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: f1JzRiK4HoHej55UIxY8kufnlKMhSjW2G+Vtj2sq4OUFu6SREeWg9kZpjawiQxSTZPEfmKoLolg=
x-amz-request-id: XM6JN6V8R5PG7B8J
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 777
x-timer: S1670478995.795210,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2
js-agent.newrelic.com/571.2d6a2503-1220.js
200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (2412)
Hash d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Cn07g451pzP+BuOyXbJ5c0o8ExPUm1rBYP/GYVQDFxcy7KzhZDW/Ep1gB0iV/QBa/UCWbkhew68=
x-amz-request-id: XM6J6T5Z32K8FRFH
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 809
x-timer: S1670478995.795546,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
js-agent.newrelic.com/820.2d6a2503-1220.js
200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (7460)
Hash 7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mfz69jbwDdVjAOvigezanDeGlG58lNEgRQZJ5bHuLqr3T+YzVd1KlatkpX7gSSdNs3YsWLt1rsw=
x-amz-request-id: 7DG6EGGM14MJB93M
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 43
x-timer: S1670478995.795518,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
js-agent.newrelic.com/790.2d6a2503-1220.js
200 OK 6.1 kB URL HTTP/2 js-agent.newrelic.com/790.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (17591)
Hash b3193d37837e2f200e10db13deff83a9
d8577b8a972583e81cfd8e31436dcd039aa049b2
5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rOIosPuuEwyY2i5sNYqTXHwZXDs2re4AJB6+I1QFfF9D8vToAF8QBmtRttIasr2/YRes+1f0bv4=
x-amz-request-id: 9HYGKVEA32SEPK1W
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 60
x-timer: S1670478995.795830,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5411&ck=0&s=5b0f9395d6f2f730&ref=https://seguro.geniodescontos.com/cart&ap=31&be=2839&fe=2074&dc=823&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670478988883,%22n%22:0,%22f%22:1873,%22dn%22:1873,%22dne%22:1873,%22c%22:1873,%22s%22:1873,%22ce%22:1873,%22rq%22:1877,%22rp%22:2809,%22rpe%22:2810,%22dl%22:2815,%22di%22:3661,%22ds%22:3662,%22de%22:3685,%22dc%22:4912,%22l%22:4912,%22le%22:5107%7D,%22navigation%22:%7B%7D%7D&fcp=3599&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5411&ck=0&s=5b0f9395d6f2f730&ref=https://seguro.geniodescontos.com/cart&ap=31&be=2839&fe=2074&dc=823&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670478988883,%22n%22:0,%22f%22:1873,%22dn%22:1873,%22dne%22:1873,%22c%22:1873,%22s%22:1873,%22ce%22:1873,%22rq%22:1877,%22rp%22:2809,%22rpe%22:2810,%22dl%22:2815,%22di%22:3661,%22ds%22:3662,%22de%22:3685,%22dc%22:4912,%22l%22:4912,%22le%22:5107%7D,%22navigation%22:%7B%7D%7D&fcp=3599&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5411&ck=0&s=5b0f9395d6f2f730&ref=https://seguro.geniodescontos.com/cart&ap=31&be=2839&fe=2074&dc=823&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670478988883,%22n%22:0,%22f%22:1873,%22dn%22:1873,%22dne%22:1873,%22c%22:1873,%22s%22:1873,%22ce%22:1873,%22rq%22:1877,%22rp%22:2809,%22rpe%22:2810,%22dl%22:2815,%22di%22:3661,%22ds%22:3662,%22de%22:3685,%22dc%22:4912,%22l%22:4912,%22le%22:5107%7D,%22navigation%22:%7B%7D%7D&fcp=3599&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:56:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 776342379bb0fac8-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=6381&ck=0&s=5b0f9395d6f2f730&ref=https://seguro.geniodescontos.com/cart
200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=6381&ck=0&s=5b0f9395d6f2f730&ref=https://seguro.geniodescontos.com/cart
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=6381&ck=0&s=5b0f9395d6f2f730&ref=https://seguro.geniodescontos.com/cart HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 669
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:56:36 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7763423becb5fac8-OSL
Access-Control-Allow-Origin: https://seguro.geniodescontos.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
api.mercadopago.com/v1/device_sessions/anonymous_device_session
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.geniodescontos.com/
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:36 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.geniodescontos.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 3a8a306a-5317-4766-b6bc-35c4e1b80317
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-15,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: ca6a14cbbcb4b7e4
x-b3-traceid: ca6a14cbbcb4b7e4
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-15: zixJwkZnOYzWqKlMjvtXIWVqOB9ZLTR8DgmrAHqxKKmDd10c9UA0SrAZbjJSmHDq
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/anonymous_device_session
200 OK 337 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP
File type JSON data\012- , ASCII text, with very long lines (337), with no line terminators
Hash 83486ad2cb717afdd26e1171e1aacf66
6cde8256a547e32214d73dc0f04ee2512482d3d1
0c8275045fca6ed2aec62a6692fda27d2a3ada4a297555f71379d4c9e1f0cb41
POST /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 98
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:37 GMT
content-type: application/json; charset=utf-8
content-length: 337
access-control-allow-origin: https://seguro.geniodescontos.com
x-request-id: 571bd195-8d46-4434-b691-70302bd35feb
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-15,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 7d3d6f280aedc62c
x-b3-traceid: 7d3d6f280aedc62c
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-15: 4nxPj+gV2T2xqyn/Oyr99mU/ytPHVU2AK4ZL0iQTxpjYaod+be+pwyQqWIBkpaqC
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-hipercard.svg
200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-hipercard.svg
IP
GET /svg/card-hipercard.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-54bc"
expires: Wed, 07 Dec 2022 15:41:46 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 0813:12E8:2880CC:398CF3:638600D9
via: 1.1 varnish
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669728865.605233,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: a3e5b3ae99ce291b6037a6bd774bb0bed72ae5f6
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPtdvQ9NxwhZFdI7iLhIgKzBPKI9G2cSewJI4QLMesuzPeXTirkKLU1P6FztvhQIN14WAlXNHAraMMC4JW%2Bbs%2Fg0mbWpK8nsf3gpNhCZxluTjKhZi%2F2gBkbKB7dEZ7HE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de1f0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-hiper.svg
200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-hiper.svg
IP
GET /svg/card-hiper.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-2392"
expires: Wed, 07 Dec 2022 17:15:15 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 44F2:5536:2B4358:3C5176:638600D9
via: 1.1 varnish
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669728865.609662,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: c7aafe585b6e777ce02bc8ad861e6a412daaca31
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noanoBs52BsE5rz9uYL8mur%2FgGSZoaXf6lJoOvhv21ZCbgQByTLdA6jJUxdwhaAZAvW%2FlB8QpcTUYGa48A0GP9oIZEXEl%2FtLRd9K7ey9ssueD83PrcS6PwOr7dyd2Yg4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de220b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yampi.me/jquery/jquery.js
200 OK 0 B URL HTTP/2 cdn.yampi.me/jquery/jquery.js
IP
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: application/javascript
x-amz-id-2: hFHoXHOYgx6I1rT5LmUWFH8I4gzAwp4gh1eg7iqG7hMsH8APKmWODRPyKM4BsNL9sR+LVpsu3MI=
x-amz-request-id: PPGVE8BRHCVNBDAX
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTkOBlHzX5jGffMofbVoDb%2FjrE43Zw0ionQAM46MZJqKxMKJTrmiGeA9VRGdlOpcllW%2BMOmNSozF1RtPkqqHA2VLCMFTrNqrJrlYTPqZIqRCjRfL01Wj0%2BFMYCn4ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77634226fe360b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.dooki.com.br/fa/4.7.0/fa.css
200 OK 0 B URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.css
IP
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: REVALIDATED
expires: Fri, 16 Dec 2022 05:56:32 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 77634226bec2fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/web_device
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:33 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.geniodescontos.com
x-request-id: 691a103e-0977-41a4-b4f7-f2d5da6f7a7d
x-trace-digest-97: 5dI7JqMHLpygn8GhdhpTAed59ZCgpd4mauDQQJYOJwMDoXZETixNyh8Lpbf+S1KE
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-97,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 07fcb8033b98bd3a
x-b3-traceid: 07fcb8033b98bd3a
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1670478993550;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background?dps=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background?dps=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f
IP
GET /jms/lgz/background?dps=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Thu, 08 Dec 2022 05:56:34 GMT
server: Tengine
set-cookie: _d2id=35de35c6-86bc-43bd-b65f-f23aeb3d08b1-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:34 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 17
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 35de35c6-86bc-43bd-b65f-f23aeb3d08b1
x-request-device-id: 35de35c6-86bc-43bd-b65f-f23aeb3d08b1
x-d2id: 35de35c6-86bc-43bd-b65f-f23aeb3d08b1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 3340b5a392e45fce453c4d978abfd6be.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: d9kRXnjqcMFfWoqksOnqPgxuiJRBlCPALPiMvpUecWtIKB1Llb8P3Q==
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-discover.svg
200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-discover.svg
IP
GET /svg/card-discover.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-f89"
expires: Tue, 06 Dec 2022 18:22:34 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: FD6C:36F9:29D68F:3AE4CF:638600D9
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669730538.049995,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 44859ed3b671ead5305a99a84d4f10e6aaaa8abb
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deNUddsMjiIFzmGmZFThnDPIHJCPHLCwj5PJXLIE19rcFOiWlNr6NWDot1eTz1MZFZ71broiMvjWuPegNBARdnWITGuN8jWVsZAS4mF7uxP7MwkvVECq4%2F2FDSU5r46r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de210b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.geniodescontos.com/
302 Found 0 B URL HTTP/2 seguro.geniodescontos.com/
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: seguro.geniodescontos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 08 Dec 2022 05:56:31 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.geniodescontos.com/cart
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ik5tK0VqUzI5cmNhbDQwRHZUSVA2SUE9PSIsInZhbHVlIjoiN3ZRc1B4XC8xaUtWUGxlMUN0bnNCWTJicWZvQzU4UWZEOUx5TjBORUYwSzdRTFBLUGtRZ21TU1M5RXVXNVIwWmNsdWM5SmcyYmljRVlVbUtKTVoxbTJRPT0iLCJtYWMiOiJjODA4MThmZGI5NDMyOWNkYjY3MGQ3MTYwNGEwYTM1ZmVjMTQzMGVjOGM1YThmOWRlZGI0NjJkMGExNGMyZDI1In0%3D; expires=Thu, 08-Dec-2022 08:56:30 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjhrbllyZ013S0oxcnkyNUV0TDZSWHc9PSIsInZhbHVlIjoiZlN1TFRQa3MySEhUMndDWGQrcDR5dHlJXC8xK1wvQkN3YjRVVmtIUWRuRmtwcFd4V0dyNll4RzhBdVlRTVwvVUwyRHh2SjYzcXpHaFZ0NzlzNmVpbnA5RGc9PSIsIm1hYyI6ImE1NzM3MGQ4NzNjODA1MGY1NTI2MWRiYWEwYjE0ZjU2NjI4Y2UyZWNkYjM1YjY0YzRkZWM3N2I1NjQyMDVlMmEifQ%3D%3D; expires=Thu, 08-Dec-2022 08:56:30 GMT; Max-Age=10800; path=/; httponly
geniodescontos_cart=eyJpdiI6IkhpVHM2eTlPOVRCUldMSnRHV0RqVHc9PSIsInZhbHVlIjoiXC9rU2h2ZGZ4MGo1MDhveGo0d01ZdWw4dXVUMDJ4ckxkZzlwRmVOOHE1bGg3MWJ4ZVNBS1NGY05hdjVxWVpuaUlWcXZHTHdaZnhRMFVsaGlmQTdtYXFnPT0iLCJtYWMiOiIyYTVjODNlNGExMWIyYjJjMDhjMWVjMGQ2M2QzYWRkNDE3N2NkN2FlNWI0YTg4MTAyZjBmNjMwYWZhMjA5ZTJhIn0%3D; expires=Tue, 13-Dec-2022 05:56:30 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
IP
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 05:56:32 GMT
date: Thu, 08 Dec 2022 05:56:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f?background=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f?background=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
IP
GET /jms/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f?background=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 08 Dec 2022 05:56:34 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=3a24d142-8a0e-458d-a6d3-c81e9d6ff2b2-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:34 GMT
dsid=ba014428-61fb-42aa-bac5-b478bf897484-1670478994941;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=2b13b73b-2909-478f-b2a3-5ec5b5275fa1-1670478994941;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 8
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 3a24d142-8a0e-458d-a6d3-c81e9d6ff2b2
x-request-device-id: 3a24d142-8a0e-458d-a6d3-c81e9d6ff2b2
x-d2id: 3a24d142-8a0e-458d-a6d3-c81e9d6ff2b2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 3340b5a392e45fce453c4d978abfd6be.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: Il3lLzbsmyV9l1QEL0u-17PPt2_NNoshNI4ygLwPmWHUdY22QZP4yg==
X-Firefox-Spdy: h2
www.mercadolivre.com/jms/mlb/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f?background=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImM2OGUxZjgzLTM1MmYtNGNhMy1hYjdjLTRiZWViYjE3NGY4MC0xNjcwNDc4OTk0MjIwIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjQ1LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo3MywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0NSwiaGFzaCI6MTg2LCJ0b3RhbCI6MTg2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
200 OK 0 B URL HTTP/2 www.mercadolivre.com/jms/mlb/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f?background=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImM2OGUxZjgzLTM1MmYtNGNhMy1hYjdjLTRiZWViYjE3NGY4MC0xNjcwNDc4OTk0MjIwIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjQ1LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo3MywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0NSwiaGFzaCI6MTg2LCJ0b3RhbCI6MTg2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
IP
GET /jms/mlb/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f?background=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImM2OGUxZjgzLTM1MmYtNGNhMy1hYjdjLTRiZWViYjE3NGY4MC0xNjcwNDc4OTk0MjIwIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjQ1LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo3MywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0NSwiaGFzaCI6MTg2LCJ0b3RhbCI6MTg2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 08 Dec 2022 05:56:35 GMT
server: Tengine
set-cookie: _d2id=b057d23c-b5ce-4e9a-a642-40a2592b0e9a-n; Path=/; Domain=.mercadolivre.com; Expires=Fri, 08 Dec 2023 05:56:35 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 8
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: b057d23c-b5ce-4e9a-a642-40a2592b0e9a
x-request-device-id: b057d23c-b5ce-4e9a-a642-40a2592b0e9a
x-d2id: b057d23c-b5ce-4e9a-a642-40a2592b0e9a
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: q7BorHWMbKcHvC0etx9xZmLB990Q4LlVZkyuvT7ZM7HKwIdeZuA1Eg==
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiJhNmFiMmMwNC00ZDY4LTQ4NGUtODE1YS05MTdmYzVmNTdkMjQtMTY3MDQ3ODk5NDk1MCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiN2QxM2FlODYtZDc1Zi00MzE1LWJhN2ItYTAwNjQxOGZmYTQ0LTE2NzA0Nzg5OTQ5NTAifQ%3D%3D%22%7D&callback=dp_jsonp.process
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiJhNmFiMmMwNC00ZDY4LTQ4NGUtODE1YS05MTdmYzVmNTdkMjQtMTY3MDQ3ODk5NDk1MCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiN2QxM2FlODYtZDc1Zi00MzE1LWJhN2ItYTAwNjQxOGZmYTQ0LTE2NzA0Nzg5OTQ5NTAifQ%3D%3D%22%7D&callback=dp_jsonp.process
IP
GET /jms/lgz/background/session/armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiJhNmFiMmMwNC00ZDY4LTQ4NGUtODE1YS05MTdmYzVmNTdkMjQtMTY3MDQ3ODk5NDk1MCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiN2QxM2FlODYtZDc1Zi00MzE1LWJhN2ItYTAwNjQxOGZmYTQ0LTE2NzA0Nzg5OTQ5NTAifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.106860ecfc0b27889f2c10b17132ef2f89f074524accc6d95ef203130a413b12ba621583388bc324dd96c3535efcc90ff10858b1bdff6e4af730c3fc63ade49b9655b5dc5df8c74bb64978e2e923f7f988ecbee27d66d154a978e3d3b6559d48.c21316e6c35783761de0699183b6031f
Connection: keep-alive
Cookie: dsid=ba014428-61fb-42aa-bac5-b478bf897484-1670478994941; edsid=2b13b73b-2909-478f-b2a3-5ec5b5275fa1-1670478994941
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Thu, 08 Dec 2022 05:56:35 GMT
server: Tengine
set-cookie: _d2id=0f59399c-94c4-462f-9508-325b0e710344-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:35 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 0f59399c-94c4-462f-9508-325b0e710344
x-request-device-id: 0f59399c-94c4-462f-9508-325b0e710344
x-d2id: 0f59399c-94c4-462f-9508-325b0e710344
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 3340b5a392e45fce453c4d978abfd6be.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: B9yL4goE8zrMdaKyU_OYvgRBXWOxvptF2Rviy7gwD5HqTNEiVByHOg==
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-amex.svg
200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-amex.svg
IP
GET /svg/card-amex.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-5f3"
expires: Tue, 06 Dec 2022 09:17:01 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: C6A6:2AF8:4D8E67:5010E2:63860087
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669730538.039287,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: def9948b481cf59adea073f356f0a04e844eafab
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFZbFHWxamovlNJoUBD6NZC3i59wozhu3dqo6lxJGYtwJIHi9O5H5mgd8ck%2FS%2BkJKmwOFVTJ2jKsWUw5ydkhzX6WhxgsUC3RIXygX5iS0pIw7DsHIEjIcdZl%2FV2xkHUD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de270b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-aura.svg
200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-aura.svg
IP
GET /svg/card-aura.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-111a"
expires: Wed, 07 Dec 2022 13:11:56 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 7B54:1978:2895E9:39A35C:638600D9
via: 1.1 varnish
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669736548.270685,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: e775fad83003a93227de713f9fa108ccaf66e2ae
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIzgu4m4qWKD%2F3Kc2adyzGLEdjSGvZIYJxDWof7gw5l99vlFCYL72%2B0H4mJxVWRvNsqFLbYeekEIzo6af4JiXtj6iiXelqvnlfJISXeMWjw2UpzPad8aXZKjIYI5ZMeY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77634226de200b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb
200 OK 0 B URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb
IP
GET /checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:32 GMT
content-type: application/javascript
x-amz-id-2: hM9Bhh8l55YRUkDhaTk8AtrxL+CUgezoThrn2hf20anv4w+wuyS6Xe4BUWgV24BWfb4jezwvBkc=
x-amz-request-id: RFHWWX32B2FCJM77
last-modified: Mon, 05 Dec 2022 11:39:58 GMT
x-amz-version-id: XAOfzSJmKppL0sbWPR5pXk3TA1tBun.Z
etag: W/"0f7bae2d9147e386916bfc7d1c6ed4c6"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8pmkhY5Ub4jzXFIhmMJwmapZiYkUBSAc4qASRUGvCimDt5nzkUqafSj3EW09QDIdQaPIjYcGXgkRvi%2BHyb77ekFKxJCvkdBjb4AA%2FsJs72327VUeS3VknAL8rOuPyzcV7qR9OC9inkc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77634226de1c0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
170.82.174.30
23.33.119.10
162.247.241.14
104.18.0.53
93.184.220.29
31.13.72.12