linkcurto.co/2zekzzvv38qo0
301 Moved Permanently 0 B URL HTTP/1.1 linkcurto.co/2zekzzvv38qo0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2zekzzvv38qo0 HTTP/1.1
Host: linkcurto.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Sep 2022 04:50:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 05:50:06 GMT
Location: https://linkcurto.co/2zekzzvv38qo0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM0cAQGn0J75WPrLqKVMBvPVNx7N7ITY%2FRJtLujnaP9HvJyTBYdhXEUZwmCix8rcJH6EH3Z%2BxT7ufCmi5Gf8BIOjebbvLOhrFTSrOo2ikkXyh7iS9cePbDg%2BdGdxk6w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74858a797ce7b50c-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 04:06:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yUIkreUFng331dQP6A18S5q6USfeYMZVLV2R2P9R9Kole6nMyyHURw==
Age: 2623
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12011
Expires: Sat, 10 Sep 2022 08:10:18 GMT
Date: Sat, 10 Sep 2022 04:50:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Fri, 09 Sep 2022 07:17:12 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a54FlWRLGpOuCKKo8_r2NTXpXCcYHT-85c6C5ryGpu_15PQ-CMKBaQ==
age: 77576
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 04:50:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 03:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 03:57:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -wdVo1ewfF4adNnJRPXDN3Y_ufLe74pNC5Ko4jfzkVUqwOc93zY_-g==
Age: 3240
ocsp.digicert.com/
200 OK 471 B IP
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5596
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:07 GMT
Last-Modified: Sat, 10 Sep 2022 03:16:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WCKf77VfLPTbQd2mqiAs8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K7HlBFFeBGhKwlSu2/VEcLPmvoU=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e8dc6c19398acb10ba5a98614864a716
8a37a04cee720f28b98b1daed07d3598be7a7345
3ae898d06d4762f916926c3e1cfc5d2099e7b12421fb77ec7da15acb893c231d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AE898D06D4762F916926C3E1CFC5D2099E7B12421FB77EC7DA15ACB893C231D"
Last-Modified: Wed, 07 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Sat, 10 Sep 2022 10:49:12 GMT
Date: Sat, 10 Sep 2022 04:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 04:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 04:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 04:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 04:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Sat, 10 Sep 2022 07:33:15 GMT
Date: Sat, 10 Sep 2022 04:50:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb358d56b-1529-49fb-acad-abce67fe4e95.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb358d56b-1529-49fb-acad-abce67fe4e95.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2d5547c8b8cf6288807524542d73c8e
05927ada9355556ab3911fb81f243d8649593cb9
af5f55648469bee39b7eb9cb35264298a14b3337a207897d0cb92efadfd5901e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb358d56b-1529-49fb-acad-abce67fe4e95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10455
x-amzn-requestid: 37a3f249-f32b-4c57-9dfa-5c0b8a222c8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEOe9EydoAMFnVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317f792-2fb665fb12583196233c7d53;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 01:44:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VlaooM-Fw_p3GPifJ49qkIHX6LmviBqCHfw-zOmD5bZVwoU1aIZ5_Q==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 04:22:46 GMT
age: 1643
etag: "05927ada9355556ab3911fb81f243d8649593cb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b83fa95ed30533299bc754adaced672
27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af
bc59e5ba6abafd8e7b10d6f8ae2269cbf739a4b28f9cbbf3adfc29a9195e6985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: af5e61ab-4f7b-4b03-8413-5d750b17e0df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj9TH7vIAMFVMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6bb-309144fb6e02564c4fcdb966;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 431HLVqbn8oTvANn1RGg7EBQfwx-1JveoQtIF5erA6__TvdNdEgO2A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 07:26:49 GMT
age: 77000
etag: "27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa182b544-7a04-472f-a9a7-ebdbae8e3f2b.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa182b544-7a04-472f-a9a7-ebdbae8e3f2b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5839e530b8896305482a891ce3ee932
656d3067399152a787e1892177999b18b68df0e8
e626c93be83078240745ed4c7cbf1583f961a4ba5bffda39bce5ac3e8173ac22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa182b544-7a04-472f-a9a7-ebdbae8e3f2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9882
x-amzn-requestid: cd8faaa9-718f-4996-8ad2-422262171c1a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWFwXoAMFy-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-16672c55534c2dc52aae3ebb;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: OT_CQarnEnYCsdaFtzgiZkcxZCiAaw_XOluJ00u60bI5dMS4I_l18w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:32 GMT
age: 23797
etag: "656d3067399152a787e1892177999b18b68df0e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d42aeb1-7286-47e7-80d0-9f935ff0e357.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d42aeb1-7286-47e7-80d0-9f935ff0e357.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 827a2babef4ab84362ee689aa17ad274
22af3681777fa8f4b2b2701b6908b964ae196ccf
ac5b44ab4f884494a472970b4aa21602ca8d09c5db44016151fdb08a2afcd06f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d42aeb1-7286-47e7-80d0-9f935ff0e357.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: b5b3bc92-81fb-44c9-8779-75acdcfe3698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitVHV6oAMFtAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-1fc0dbcb38916f80068ddd30;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: zWlncI8c_NNPfirYIVAXQMvjRStc1JDgTLqQiBx6WKa9_qgObTeKLg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:15 GMT
age: 25194
etag: "22af3681777fa8f4b2b2701b6908b964ae196ccf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 478caf1cbdbafefa1b73c4e1a21e027c
90dd5e86857e7f6313bbb053baa8c1d4784d3089
0c845efdea74e5b1245ca00ea33a0b8220551d156ca34620e3d90ccb4de345dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8706
x-amzn-requestid: 37d04670-7b5a-4cbb-ad4c-46615c604bc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzcG2moAMF30g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb349-5351f9c15ad587ae3c807d48;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lcckuCebVvSAYgrOAQaGKSp9Bg7RMpdpgIr_3rlRjKgn6iuIQYDHVg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 23786
etag: "90dd5e86857e7f6313bbb053baa8c1d4784d3089"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250c93aa-253b-4354-9955-25ab2a663bc0.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250c93aa-253b-4354-9955-25ab2a663bc0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e23b206e95320e5f944478f1c873d4c
d2bde7891908b44713e8ac81d39d2bfa27abf108
fa1fdad0bc869977cccef69be469e4c6e7ad018c5424480d9ec3f2bd2a7c22fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250c93aa-253b-4354-9955-25ab2a663bc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8220
x-amzn-requestid: 163470c8-ddaf-447c-994d-36d058fc5d82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkDJFMSIAMF1XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3ad-157b820053ff36286de2b6a2;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _6Njy49_HmnGfo_gczCXLsMseZKkCwRgIN2iOBO6dx6SXUvxsAn5oA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:01:26 GMT
etag: "d2bde7891908b44713e8ac81d39d2bfa27abf108"
content-type: image/jpeg
age: 24523
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/assets/css/app-f44a883bc0.css
200 OK 134 kB URL HTTP/2 awesome-assets.yampi.me/checkout/build/assets/css/app-f44a883bc0.css
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 134 kB (133865 bytes)
Hash f44a883bc0053f8b6e3f2e277c57ba94
55b0c8ce27397adf2dde00dade512dd51e8a5227
4de73ff14ff621eb8699ce6f8d16011db1396da836d3f3c58b65fbcd7501365e
GET /checkout/build/assets/css/app-f44a883bc0.css HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:10 GMT
content-type: text/css
content-length: 133865
x-amz-id-2: iiKNJustH0CCZ5a6QV3nu9l0w55abVTuIhW6aZmtaWl2lTiesdV7yPUBVUWMwku5f4z6B95amAI=
x-amz-request-id: R7XSAPF5QSPDGPJG
cache-control: public, max-age=315360000, no-transform
last-modified: Tue, 06 Sep 2022 18:09:42 GMT
x-amz-version-id: 5d8O9v6VyeU6klY2wk2zkN3NliDvHubb
etag: "f44a883bc0053f8b6e3f2e277c57ba94"
cf-cache-status: HIT
age: 294576
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38cwEaJPPdz3R%2Fb8HKa4oof49s%2Bk%2BVoeBNguoICG5TkYCX4TSr3EmXuP42SBgzvYbrb4vGzy4kDhrDhs4tS41gTLzHxCy2Lin%2BTOqYVWVzJJTBQhRsjghREz09stN2gSujY2wKMYK4%2Fh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74858a904a130b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
200 OK 9.1 kB URL HTTP/1.1 secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (25829), with no line terminators
Hash 13e3cc8ff400bf1da09ba98065151e4a
05da8917634372f71cd2f851e42129fecfb2f45f
9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36
GET /sdk/javascript/v1/mercadopago.js HTTP/1.1
Host: secure.mlstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "825262-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: d2e52704-7958-472c-b559-cac792b41f98
X-Request-Device-Id: d2e52704-7958-472c-b559-cac792b41f98
X-D2id: d2e52704-7958-472c-b559-cac792b41f98
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Sat, 10 Sep 2022 04:50:10 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash d5f1a4a3cbcff2a380ae3b2ed83909c4
51db46957c05e034a896a4ede346f2ed90901012
fee75b595277c400b25afefb4206d7a0b6275cc29f7c4caab2457190550ef77c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 803
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:10 GMT
Last-Modified: Sat, 10 Sep 2022 04:36:47 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
fonts.dooki.com.br/fa/4.7.0/fa.css
200 OK 7.4 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.css
IP
Hash 5910c7488044d5ef9abbe39f559288f4
4acb5f7da4f3361f723f6ff448fa62165e157227
441042994a83a95276d658e3f3addc8fd681d91ae73d0b01ccd78a9c88a70678
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:10 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 1481
expires: Sun, 18 Sep 2022 04:50:10 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 74858a902bc7b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash b7a6c59a907d5a389d2689db5a03b1ce
75084c2c8c6fea60d8bbfa6b22cecd4d51c98e31
00a024e5bb473677e5844a1dc71854b4351f003df053dae198624d2985f3fe86
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 10 Sep 2022 04:50:10 GMT
date: Sat, 10 Sep 2022 04:50:10 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
IP
Hash 2de30ac88bda6b153233ed89bd362300
938b43e51fac46781b13cedd8d4e20b546404623
f6cb0884ab6185c0633efa68897e7190ce5cae9804dceefa821872fe44c24715
POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.upnid.com/v0.js
200 OK 8.9 kB IP
File type Unicode text, UTF-8 text, with very long lines (23050)
Hash 960c2f02f796ed460b2c3911ee0f498d
862e007ff302286b83d9e5b4b880acdf5894ac1a
d5112369b9ae06973e98285df7d92749ddae470430912d01fd70f7c45207592f
GET /v0.js HTTP/1.1
Host: js.upnid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin
content-encoding: gzip
via: 1.1 google
content-length: 8884
date: Sat, 10 Sep 2022 04:25:29 GMT
age: 1481
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 597639c5b287240ed2c4f2a4594bbcdf
206b37c76e974c1e092096c1c94d14efc810ab83
39e74dbede009e48970653678b439fbd464c168a451aabc40d5888f9a9eece01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:10 GMT
Server: ECS (amb/6B85)
Content-Length: 471
ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
IP
Hash 2de30ac88bda6b153233ed89bd362300
938b43e51fac46781b13cedd8d4e20b546404623
f6cb0884ab6185c0633efa68897e7190ce5cae9804dceefa821872fe44c24715
POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seguro.wavescalcados.com/checkout/address
200 OK 38 kB URL HTTP/2 seguro.wavescalcados.com/checkout/address
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 03595b981342096441d3017d6bd79f11
ddd9c53d95e63eb547b863d54c7a6923bf7a2dd3
a8c96be3acbd840110d869ffe08577c61fe5ed15f46e50889a1979a4777d0a24
Analyzer Verdict Alert fortinet Phishing
GET /checkout/address HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlZnMVdsa083RnNIWWpwSjdcLzF2dFF3PT0iLCJ2YWx1ZSI6ImllZEVlU2wrTE1HWVNoMEYrSGRaQU5XdktJUnBMdFZYelFkMFlEazNBaUI4XC94c3djaFVFVGVqaDN1WW1qbkVuTEZ0VXUyKzZzUUppOHhjTzlGWGw3UT09IiwibWFjIjoiYTkxNWNkN2MyNDE0M2U3NzJlMDMzZWFhNmIxMDY1NGRjYmZlZTQ0NDEyODA4Mjg3MTgxOTlkODYxMzZiMjYwYSJ9; bubbstore_checkout=eyJpdiI6IlgxMXBabVByakRsZmljcDlYaU1sV3c9PSIsInZhbHVlIjoiZ1BcL0ZMZFdRMUxKUGp6RVpsZGxvN2NiYTdwMlhUc3VDbEV4SitxeitEa1wvR0tNOHJDWVlLNCtlZlBqMEZrR285QlZPRlhnMmdUN1NQekprT1JBZGQzZz09IiwibWFjIjoiYjg4NmQ1YmYzOGI2MGQ2ZjM1OGFjYTI3NDhmNzUwZGJjODdjNGRjMTJiYWM5ZDA2MTUxN2YxNzgyOTBkOWFiZSJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:10 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlwvUDBnTjE2NDdMWHRVTHI2WU5XcWxBPT0iLCJ2YWx1ZSI6IkY2WTB1bjc1N0pGRitiSElkNlFGVldXQ3BJbnIxbXA0ZEdLSGVDcVdZdTJhd3hSM0I0MWlGcVQzNDNzSkx2a0t4MGk0N016WGhYTVp6QlUzUTZGRjRnPT0iLCJtYWMiOiJkZDc1ZjFiYjU5NzEzMTQ4YzFlODYyOTg5OGZjZjE2YjhlZThhMjM4ODg0ZTI4ODM2NWZmOWY4NDk1OWE2ZjJlIn0%3D; expires=Sat, 10-Sep-2022 07:50:10 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkxqejFZV1g4eXB5VXVVYVM4RnpTcXc9PSIsInZhbHVlIjoiRHRuVDBpTVwvWXViSnBWeU5sSm5KdE94R1NQVkdYQ1wvRzB4VWx1b3U4SU5HQmJicFVFRDZWTXljMlJhNmV3cW5VMFlDY2hZWnhHWFlLaEdJTmE2U01LQT09IiwibWFjIjoiYzNkNGQ0YTBjNzdlYzE0YWNkNTQwZWRkNWQ5YTQyMDE3NGJkZDgwODBkYjA0MzFjYTM0MzczMDY4Y2ExOTZmNyJ9; expires=Sat, 10-Sep-2022 07:50:10 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 14898c21f5fb844c76636575127c1c0a
a73c3279faf71c11de25f4f9282ceb6c859574fe
287a2963e4f83b0d2b3509ad70255f758e9ed07d279089e24808a619bd0599fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6261
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:11 GMT
Last-Modified: Sat, 10 Sep 2022 03:05:50 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 14898c21f5fb844c76636575127c1c0a
a73c3279faf71c11de25f4f9282ceb6c859574fe
287a2963e4f83b0d2b3509ad70255f758e9ed07d279089e24808a619bd0599fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1347
Cache-Control: max-age=162559
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:11 GMT
Etag: "631bea3f-1d7"
Expires: Mon, 12 Sep 2022 01:59:30 GMT
Last-Modified: Sat, 10 Sep 2022 01:37:03 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 14898c21f5fb844c76636575127c1c0a
a73c3279faf71c11de25f4f9282ceb6c859574fe
287a2963e4f83b0d2b3509ad70255f758e9ed07d279089e24808a619bd0599fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:11 GMT
Last-Modified: Sat, 10 Sep 2022 04:50:08 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 471
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.wavescalcados.com
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.wavescalcados.com
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/devices/widgets?referer=https%3A//seguro.wavescalcados.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.wavescalcados.com/
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:11 GMT
content-type: application/json
content-length: 0
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.wavescalcados.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-request-id: 193ddbd0-9152-45fc-9add-ae0ea0036c4d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
linkcurto.co/2zekzzvv38qo0
301 Moved Permanently 33 kB URL HTTP/2 linkcurto.co/2zekzzvv38qo0
IP
Hash d24f8c24c4690e62a61f7e7001e804a5
ca7d42beebcb972122ef5d5977dd0bdbe57612ad
6717661170e17ea0262e1d36a7c8dea6a3d480f339ab2b47854626c7f9d91d47
GET /2zekzzvv38qo0 HTTP/1.1
Host: linkcurto.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 10 Sep 2022 04:50:07 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.wavescalcados.com/cart?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho Abandonado 1&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd
set-cookie: XSRF-TOKEN=eyJpdiI6ImNKdm0wYjh5dGV2MU92Rjh0eXB4b1E9PSIsInZhbHVlIjoieDB0TW1RdkJQVjZpN09paUc5NFlNT1JIbjdPWEpBWmFPZkJnV0JsRmdDK1B4ci9wbnUvMS8rVWN3b0FzR2tWaW5pdVlDdkhLMENuZVROeDlQQVVkZmpmWHQvYysxeVhCSnpMekljdUh3ZlBLWHhTdVl5ajYzSW43UzZ0eWJxNVYiLCJtYWMiOiJkMTBiNTNiMzY4YzA4ZWMzYmUwYzZkYzllNzJiNGFlM2QyZjM0YTE0NzQ5OWM4NTYxM2M5ZDIyYTM1Y2FkOTMyIn0%3D; expires=Sat, 10-Sep-2022 06:50:07 GMT; Max-Age=7200; path=/; samesite=lax
linkcurto_session=eyJpdiI6InFvRHlPeFZ2M2dEMVRrdUpoMitCc3c9PSIsInZhbHVlIjoicGNpR1o1VE50d1ZSREQ1T3F6N3E1Nk5yTngrRzFYay9zN0p4RTYzdE0yZFVPMmt4aFFLU2Y5Sjg2cElrR1BqbE1HZk1CUkh4dFhkRHE1Z2FKZFgwQytmSXczc25lbWVXU0hJL1RZSUlpdHNOTjV3YUEvZVpwOE5ZR0tyZzBCZzkiLCJtYWMiOiJjMmM2MmI4MGJhOGQ5YmFiMWQxNzY3ZmVlNWI4ZTFkNjE3OWY1YTMyN2NiZTNhMzk4MmZiZTU3ZDEzMGYwY2Q5In0%3D; expires=Sat, 10-Sep-2022 06:50:07 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf1qFbLt8a49rRRAbYBmf9OK3qHvkOvLZUqed%2Fw0Kzq0iNsUiSP1%2FH6LzbJfPjnNJ7g54UJLubKXD512jb73UJAcTEIzJpjm3oexzBVs7PbJP8YxbSKU8e399w5vflI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74858a7b3acfb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/web_device
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.wavescalcados.com/
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:11 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.wavescalcados.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 7287eeea-6c8c-42cb-870c-553b26eb2b9c
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-44,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: bc252124592b3404
x-b3-traceid: bc252124592b3404
x-trace-source: fury_app
x-trace-digest-44: Tte13dJ3F9/Xvd0UF59fRH5KfjTagFAdCXGcYjAB0EydjKMFJ0sGRaUf67LELrWt
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
stc.pagseguro.uol.com.br/pagseguro/api/v2/checkout/pagseguro.directpayment.js
200 OK 2.3 kB URL HTTP/2 stc.pagseguro.uol.com.br/pagseguro/api/v2/checkout/pagseguro.directpayment.js
IP
File type ASCII text, with very long lines (8220), with no line terminators
Hash d155846e9d2bba207ed4e4f326b470f3
2e8544830a2b548da372350352a9d04372cb84c3
5be2051bfd2d4c73af54a685ce1c1628d4909edf7307c67521852747875db6ca
GET /pagseguro/api/v2/checkout/pagseguro.directpayment.js HTTP/1.1
Host: stc.pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript
date: Sat, 10 Sep 2022 04:50:11 GMT
ec-rule-version: 20220707-02
last-modified: Tue, 06 Sep 2022 21:03:46 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
content-length: 2275
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:08:19 GMT
expires: Tue, 05 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 373313
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.wavescalcados.com
200 OK 12 kB URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.wavescalcados.com
IP
File type JSON data\012- HTML document, ASCII text, with very long lines (40543), with no line terminators
Hash d61b9ed9bb4b8cda2c31d82e87c9fdba
431807b5812aa305b97d6108ea4141387f0da6b2
3c56dd35add186d1d38b24941f83c371ad9e39b799ee8abc8ed777ad88f661d8
POST /v1/devices/widgets?referer=https%3A//seguro.wavescalcados.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:11 GMT
content-type: application/json
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: public_get_session_widget
access-control-allow-origin: https://seguro.wavescalcados.com
access-control-allow-credentials: true
set-cookie: profile=1662785411733;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
content-encoding: gzip
x-content-type-options: nosniff
x-request-id: ecf44044-a11b-4d12-83cf-fe5b82d478a1
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:12 GMT
content-type: binary/octet-stream
content-length: 77160
x-amz-id-2: fDKEY0kQgVpY52eAzOH/jjV3wPJ0wrqp3Z4bo6SN5LStD0+Qk0bhEiZN4SNaDE55XtznCXyQDYs=
x-amz-request-id: T44ZE8B1TCXRWXME
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: MISS
expires: Sun, 18 Sep 2022 04:50:12 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 74858a98fc1d0b51-OSL
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/etid
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Sat, 10 Sep 2022 04:50:12 GMT
server: Tengine
set-cookie: _d2id=f2201b32-7743-4d1b-acd9-199520ace0e1-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 10 Sep 2023 04:50:12 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: 25acd64f-52d9-48f0-aedc-d1ca564eb722-1662785412531
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 13
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: f2201b32-7743-4d1b-acd9-199520ace0e1
x-request-device-id: f2201b32-7743-4d1b-acd9-199520ace0e1
x-d2id: f2201b32-7743-4d1b-acd9-199520ace0e1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F-9zsgc43G3XoMppo5TDAl9B5Md3iMnUil9DRFt5_DCsXpV5Kb3n3A==
X-Firefox-Spdy: h2
stc.pagseguro.uol.com.br/pagseguro/j/lib/commons/pagseguro.datafortress.v3.1662498153680.js
200 OK 2.0 kB URL HTTP/2 stc.pagseguro.uol.com.br/pagseguro/j/lib/commons/pagseguro.datafortress.v3.1662498153680.js
IP
File type ASCII text, with very long lines (8047), with no line terminators
Hash 4ff88402107db10a474d1427b75387b2
520baed988a47029bfe65028eaae28ccac3cda91
8d348546e7841d38e080ef4dd61ea18dc5e6d9f7462c388fda9d3b827e42984f
GET /pagseguro/j/lib/commons/pagseguro.datafortress.v3.1662498153680.js HTTP/1.1
Host: stc.pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=60
content-type: application/javascript
date: Sat, 10 Sep 2022 04:50:12 GMT
ec-rule-version: 20220707-02
expires: Sat, 10 Sep 2022 04:51:12 GMT
last-modified: Tue, 06 Sep 2022 21:03:36 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
content-length: 2012
X-Firefox-Spdy: h2
seguro.wavescalcados.com/api/v1/pixels/events
200 OK 33 kB URL HTTP/2 seguro.wavescalcados.com/api/v1/pixels/events
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash 588c7a36a1af6f6578abcdef88962441
4f27944450bba2da0b6e0b2c943ed01440fee62b
4961a1d114c129836510e88175658a9e4377f5e9a2b64beb926f35e26c20e37b
Analyzer Verdict Alert fortinet Phishing
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjMwZjJjZTA0ZTVjNTA1NjYiLCJ0ciI6IjYyZjIzNDZiMTNhNzQwNzQzYmJlYTA5YTBmZjc5OWM3IiwidGkiOjE2NjI3ODU0MDI2MjF9fQ==
traceparent: 00-62f2346b13a740743bbea09a0ff799c7-30f2ce04e5c50566-01
tracestate: 2935249@nr=0-1-2935249-1134170823-30f2ce04e5c50566----1662785402621
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 241
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IlwvUDBnTjE2NDdMWHRVTHI2WU5XcWxBPT0iLCJ2YWx1ZSI6IkY2WTB1bjc1N0pGRitiSElkNlFGVldXQ3BJbnIxbXA0ZEdLSGVDcVdZdTJhd3hSM0I0MWlGcVQzNDNzSkx2a0t4MGk0N016WGhYTVp6QlUzUTZGRjRnPT0iLCJtYWMiOiJkZDc1ZjFiYjU5NzEzMTQ4YzFlODYyOTg5OGZjZjE2YjhlZThhMjM4ODg0ZTI4ODM2NWZmOWY4NDk1OWE2ZjJlIn0%3D; bubbstore_checkout=eyJpdiI6IkxqejFZV1g4eXB5VXVVYVM4RnpTcXc9PSIsInZhbHVlIjoiRHRuVDBpTVwvWXViSnBWeU5sSm5KdE94R1NQVkdYQ1wvRzB4VWx1b3U4SU5HQmJicFVFRDZWTXljMlJhNmV3cW5VMFlDY2hZWnhHWFlLaEdJTmE2U01LQT09IiwibWFjIjoiYzNkNGQ0YTBjNzdlYzE0YWNkNTQwZWRkNWQ5YTQyMDE3NGJkZDgwODBkYjA0MzFjYTM0MzczMDY4Y2ExOTZmNyJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:12 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImF5Nm5jMDdSenJoclppXC9wczZXZmJnPT0iLCJ2YWx1ZSI6ImhrVmUwYjdRN2JNYVRFdVFjYndvclpCY3p6TW5JVmRyMGNDckVkMGpJem5yWUdpdGZNb2VRYklcL2pNd0owTlwvN2Iza2dra3hFOTBtalNPUUlsVTR1TXc9PSIsIm1hYyI6IjcyNGRlZWYzZTFkNzQxNzg2MzEzZDZhMTAzZTcyZmNlMzkwM2RlZWU4ZjYyNTg2OWMyZjIzODNiZGFiZDFmNGEifQ%3D%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlN2dk9wVHk3TnpKV01FeGZEXC9RbndRPT0iLCJ2YWx1ZSI6ImN2MzhIcVJjYk5WcGNIYTRiZUU1WnJRdWNkQWJibHRGY05LdGVQRE14RjlGbGxRbHg4a3NacDFjQXJseVBMbXNWUUVqd3dUb05zMGV0WFJCUDV1VVB3PT0iLCJtYWMiOiIxZTAxMjE2YTlkMWNjNjVjYWQzYmNmMDM2OTAxZDUyMWNlZmRhNjBkMDhhOThiNDQ2MDkwNDgwODc0NGJiODFjIn0%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QAVdcAhtMV08aUQFRV1tSBVVSVwIPUVQCVUAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
200 OK 3.1 kB URL HTTP/2 pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (4559), with CRLF, LF line terminators
Hash c117e226ad8f70fc9236b93f041f63f0
bf85ff319c45165ba22f4d7785d66278e890a903
8e6d82cacee265f3d43dd9c5c0b9770ee14bc97e557ca973bc528dc201b75e44
GET /checkout/direct-payment/i-ck.html HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-language: pt-BR
content-type: text/html;charset=ISO-8859-1
date: Sat, 10 Sep 2022 04:50:12 GMT
ec-rule-version: 20220707-02
expires: Mon, 01 Jan 1990 12:00:00 GMT
pragma: no-cache
server: nginx
set-cookie: LAST_SERVER_HIT=65205cd10558c60fdeff41eb9598fd7d2c6864da25b737c7; Domain=pagseguro.uol.com.br; Expires=Sat, 10-Sep-2022 05:20:12 GMT; Path=/; Secure
csrfId=185; Path=/; HttpOnly; Expires=10 Sep 2022 08:50:12 GMT
JSESSIONID=WXwwrDWGH9CcMY1CB6aX+A**.ps4; Path=/
csrfId=185; Path=/; HttpOnly; Expires=10 Sep 2022 08:50:12 GMT
TRANSACTION_COOKIE=4d465daf6e944b41be218021fef5fc6b; Expires=Fri, 09-Dec-2022 04:50:12 GMT; Domain=pagseguro.uol.com.br; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-newrelic-app-data: PxQFUVJVCAoAR1BSAAgDXlADAhFORDQHUjZKA1ZLVVFHDFYPbU5gEhZfWQYlDFZHQgsNDlJDa0kAWERWARJOElEbVQdWTGgdWkhaCh8JRw8IFh8mIzcRERxUT1IbARlWVwgOA1BfUVocUhRAAAEBAlEGWFACBwJVVAcPUkRPXlJcFwQ/
x-ps-migration: direct-payment-router
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP
File type HTML document, ASCII text, with very long lines (579)
Size 158 kB (158056 bytes)
Hash d63a69f898e1d00cfc7c871744ded8c4
e166540eccb571c95c8c1135c2168cf5df306991
ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 21:31:14 GMT
expires: Sat, 09 Sep 2023 21:31:14 GMT
cache-control: public, max-age=31536000
age: 26338
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4cc4218e586f6bff1e9cbca4bf8c6209
5ec1fa5620128855dc4e726f9def56ffa1828f96
2fdcdee1f9aec4d22528d984312b40199c757c169c8d1368ee5f9792ae739357
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 49bb506fd2087ce606cf1207c22cd7d9
3e41f996bb72070c81dca4833b5b44bff563059d
1edfaa3998425120e4165dfbde171296fae51afe0e1420b9cc1cd68aa638f751
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4457
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Last-Modified: Sat, 10 Sep 2022 03:35:56 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 04:41:12 GMT
expires: Sat, 10 Sep 2022 06:41:12 GMT
cache-control: public, max-age=7200
age: 540
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 8e7e24fb3539746aa8b869558f589615
d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LNsAPBQN7eED9Q0tbISb9umfEG7WE09DFDRR0uAv/jjGzdr6NFAOBmslQvEdODY9ZA7iqfTFfi8zkfKDWPS2Kg==
priority: u=3,i
content-length: 26737
x-fb-trip-id: 1679558926
date: Sat, 10 Sep 2022 04:50:12 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash c406cb1593def1a2fb99d8187535008f
e93ad16841d4ab99df7f8148b7d195243c01529f
4e448770c486854f0667adc8691279e22f97275f3c849b244d73be6c35ad5ac9
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Sep 2022 04:50:12 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S922780541%3A1662785412955068&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqikxHMcvBPtn5Cu1hYzOXVNzP7kE_6CVHLvA8zF1gNR25P0MJppDF3f8DN-G28hmn1MR4UJQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-G8zqRC0H8wdhS9kzxtffxA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:9NRuYf0aJ9HtHTDhYqdljRr9Bfcnkw:-OcopTKD2fFoaG3H;Path=/;Expires=Mon, 09-Sep-2024 04:50:12 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 49bb506fd2087ce606cf1207c22cd7d9
3e41f996bb72070c81dca4833b5b44bff563059d
1edfaa3998425120e4165dfbde171296fae51afe0e1420b9cc1cd68aa638f751
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3440
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:12 GMT
Last-Modified: Sat, 10 Sep 2022 03:52:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/j/collect?v=1&_v=j96&a=1922790897&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Waves%20Calcados&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEATAAAAAC~&jid=1508246589&gjid=39365760&cid=1418693163.1662785404&tid=UA-211976687-1&_gid=142205256.1662785404&_r=1&_slc=1&z=974928701
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1922790897&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Waves%20Calcados&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEATAAAAAC~&jid=1508246589&gjid=39365760&cid=1418693163.1662785404&tid=UA-211976687-1&_gid=142205256.1662785404&_r=1&_slc=1&z=974928701
IP
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j96&a=1922790897&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Waves%20Calcados&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEATAAAAAC~&jid=1508246589&gjid=39365760&cid=1418693163.1662785404&tid=UA-211976687-1&_gid=142205256.1662785404&_r=1&_slc=1&z=974928701 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://seguro.wavescalcados.com
date: Sat, 10 Sep 2022 04:50:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=1922790897&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Waves%20Calcados&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEHAAEATAAAAAC~&jid=1357783618&gjid=580345565&cid=1418693163.1662785404&tid=UA-45745009-5&_gid=142205256.1662785404&_r=1&_slc=1&z=2088324166
200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1922790897&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Waves%20Calcados&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEHAAEATAAAAAC~&jid=1357783618&gjid=580345565&cid=1418693163.1662785404&tid=UA-45745009-5&_gid=142205256.1662785404&_r=1&_slc=1&z=2088324166
IP
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j96&a=1922790897&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Waves%20Calcados&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEHAAEATAAAAAC~&jid=1357783618&gjid=580345565&cid=1418693163.1662785404&tid=UA-45745009-5&_gid=142205256.1662785404&_r=1&_slc=1&z=2088324166 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://seguro.wavescalcados.com
date: Sat, 10 Sep 2022 04:50:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a2ceb14ac83/60a2ceb14ac8c.png
200 OK 312 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a2ceb14ac83/60a2ceb14ac8c.png
IP
File type PNG image data, 2778 x 832, 8-bit/color RGBA, non-interlaced\012- data
Size 312 kB (311773 bytes)
Hash a97e954d463b20d115b325f4200148e6
d4e389a056d40ebad623ff83abb9e97c49400dbd
f738f1901f350f0bba8c2893e3dd18044361754f3aa807c0df8e45dc5b36ba18
GET /king-assets.yampi.me/dooki/60a2ceb14ac83/60a2ceb14ac8c.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: d+1q2FIUe3tbgqAQbJRFXZ8Uzqu0GkgPuub3mQFJHr+OehYzE2XXmMkYnYHRT1lZsGYSZcTw8Rw=
x-amz-request-id: T44XTXHF8PXDP298
Date: Sat, 10 Sep 2022 04:50:13 GMT
Last-Modified: Mon, 17 May 2021 20:14:42 GMT
ETag: "a97e954d463b20d115b325f4200148e6"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 311773
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
IP
File type ASCII text, with very long lines (52762), with no line terminators
Hash f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 09:41:32 GMT
expires: Wed, 06 Sep 2023 09:41:32 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/css
age: 328121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP
File type HTML document, ASCII text, with very long lines (579)
Size 158 kB (158056 bytes)
Hash d63a69f898e1d00cfc7c871744ded8c4
e166540eccb571c95c8c1135c2168cf5df306991
ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 21:31:14 GMT
expires: Sat, 09 Sep 2023 21:31:14 GMT
cache-control: public, max-age=31536000
age: 26339
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45745009-5&cid=1418693163.1662785404&jid=1357783618&gjid=580345565&_gid=142205256.1662785404&_u=IEHAAEATAAAAAC~&z=1902140378
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45745009-5&cid=1418693163.1662785404&jid=1357783618&gjid=580345565&_gid=142205256.1662785404&_u=IEHAAEATAAAAAC~&z=1902140378
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45745009-5&cid=1418693163.1662785404&jid=1357783618&gjid=580345565&_gid=142205256.1662785404&_u=IEHAAEATAAAAAC~&z=1902140378 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.wavescalcados.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Sep 2022 04:50:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mercadopago.com/v2/security.js
200 OK 2.6 kB URL HTTP/2 www.mercadopago.com/v2/security.js
IP
File type ASCII text, with very long lines (5793), with no line terminators
Hash 121cc939a737bae879cc8cfda6187203
02e88df0b5b80a0f4a86ce0ab1e91463835b3ca6
9feff7418d54b6425c8924a8c15c2d5aabaa48134e06c22b72a09a475477291e
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 10 Sep 2022 04:50:11 GMT
set-cookie: _d2id=f0ccf106-1fad-49a8-ba08-d909474490ad-n; Path=/; Domain=.mercadopago.com; Expires=Sun, 10 Sep 2023 04:50:11 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: f0ccf106-1fad-49a8-ba08-d909474490ad
x-request-device-id: f0ccf106-1fad-49a8-ba08-d909474490ad
x-d2id: f0ccf106-1fad-49a8-ba08-d909474490ad
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R4wleBiKIW5Lla37AI1nGl89OL5rG0gU2wTWZRE17KJw1C4_SuRUdw==
X-Firefox-Spdy: h2
stc.pagseguro.uol.com.br/pagseguro/j/lib/commons/pagseguro.analytics.1662498153680.js
200 OK 1.4 kB URL HTTP/2 stc.pagseguro.uol.com.br/pagseguro/j/lib/commons/pagseguro.analytics.1662498153680.js
IP
File type ASCII text, with very long lines (3296), with no line terminators
Hash 6c2577aa1fb28e9488bcf25e94d52bf2
a0e6464a21bca51959bccbbef5cf4169eebca997
480bf770e7f3128a8be2cfaab555a74c20e92a80007c2501bea328033023124a
GET /pagseguro/j/lib/commons/pagseguro.analytics.1662498153680.js HTTP/1.1
Host: stc.pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=60
content-type: application/javascript
date: Sat, 10 Sep 2022 04:50:13 GMT
ec-rule-version: 20220707-02
expires: Sat, 10 Sep 2022 04:51:13 GMT
last-modified: Tue, 06 Sep 2022 21:03:36 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
content-length: 1360
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seguro.wavescalcados.com/e/t
200 OK 53 kB URL HTTP/2 seguro.wavescalcados.com/e/t
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash ee96a035349cdff1da30d093c3fcd123
1b8331d92f8d554a1ea653a4da49a66e6d60cbea
765210328aa7f5ce0f4cc3adb5d86cff7a657057c450b7f07ba4748031975abd
Analyzer Verdict Alert fortinet Phishing
POST /e/t HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjdlMTczOTM2Zjc1NzdkMWEiLCJ0ciI6IjY3N2ExYjM5YjNkYTI1MDY0YmU5M2I1Mzk2YmFlMWViIiwidGkiOjE2NjI3ODU0MDI2Mjd9fQ==
traceparent: 00-677a1b39b3da25064be93b5396bae1eb-7e173936f7577d1a-01
tracestate: 2935249@nr=0-1-2935249-1134170823-7e173936f7577d1a----1662785402627
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 353
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IlwvUDBnTjE2NDdMWHRVTHI2WU5XcWxBPT0iLCJ2YWx1ZSI6IkY2WTB1bjc1N0pGRitiSElkNlFGVldXQ3BJbnIxbXA0ZEdLSGVDcVdZdTJhd3hSM0I0MWlGcVQzNDNzSkx2a0t4MGk0N016WGhYTVp6QlUzUTZGRjRnPT0iLCJtYWMiOiJkZDc1ZjFiYjU5NzEzMTQ4YzFlODYyOTg5OGZjZjE2YjhlZThhMjM4ODg0ZTI4ODM2NWZmOWY4NDk1OWE2ZjJlIn0%3D; bubbstore_checkout=eyJpdiI6IkxqejFZV1g4eXB5VXVVYVM4RnpTcXc9PSIsInZhbHVlIjoiRHRuVDBpTVwvWXViSnBWeU5sSm5KdE94R1NQVkdYQ1wvRzB4VWx1b3U4SU5HQmJicFVFRDZWTXljMlJhNmV3cW5VMFlDY2hZWnhHWFlLaEdJTmE2U01LQT09IiwibWFjIjoiYzNkNGQ0YTBjNzdlYzE0YWNkNTQwZWRkNWQ5YTQyMDE3NGJkZDgwODBkYjA0MzFjYTM0MzczMDY4Y2ExOTZmNyJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:12 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ik92UGJ2bmFOcWNCaWpFRjU4eERNXC9BPT0iLCJ2YWx1ZSI6IkJEb3l5XC9MbXdTZnlRNStCWVwveUw4T0Jpc1UxWVZ1cktFXC9pR1Z4bkVSbHV3Und2OGJyT25hXC9CeXlIZzZRYkNydWIwUkdXZXdOeDk4R0FhbENzTW55UT09IiwibWFjIjoiZDdkMDEwYjRmY2UyMmYwYmU0YWMwMGU0NGI0M2U0NjJlYTdhNzQ5M2JlYmRkNWE5MGZkNzE3YjlhMGM2Njk2ZCJ9; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkR4cmExZXpOMXFPUDVMNVNQVCs5ZUE9PSIsInZhbHVlIjoiVkNUUWhnTHR2SERwalY0QkQwaURMdCsxK29la0EzZm93XC9sR2p4WVZGNDFLaFhiczIxbm0rc0NtWGJGUTZVdlN3YWplSEgzWlFOOExuY0V2bnl5MnV3PT0iLCJtYWMiOiI2YWRjODQ5Y2Y2MTAzYjk0MGU1MGQ5ZjI2NzUyOTk5MTJiMmQ0NWNjZWIxZmFkMTczZWM1NDEyNzVlMjQ5YjJjIn0%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATAlRAAwGHh5UFUNVVFBTXQcOBFIAXQMFV1JWFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash 498156814fff32517876f5ae7ce615e5
669f42f38568206a5df74de73a44945637411581
bbbacbbae1f4518b0926adaad2cb1f14c1b9d87f608c02705ad00660fa3203fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:13 GMT
Server: ECS (amb/6B80)
Content-Length: 727
seguro.wavescalcados.com/api/v1/pagseguro/session
400 Bad Request 4.0 kB URL HTTP/2 seguro.wavescalcados.com/api/v1/pagseguro/session
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 2ae33bed14f8d6c47661cfd061ac81d9
a9333e9d803bd19ec8d0f11f2882d5cfee993601
989a44afec7f500d7a28fdfad28ad2f476bb260748174177173fb19210b36a67
Analyzer Verdict Alert fortinet Phishing
POST /api/v1/pagseguro/session HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjFmMzk1MzkxN2U5ZDVmZmQiLCJ0ciI6IjNiYzFhNjZlYzJmNTVhY2YxZTVjYmNlODVjMTA3MjZmIiwidGkiOjE2NjI3ODU0MDI2MTd9fQ==
traceparent: 00-3bc1a66ec2f55acf1e5cbce85c10726f-1f3953917e9d5ffd-01
tracestate: 2935249@nr=0-1-2935249-1134170823-1f3953917e9d5ffd----1662785402617
X-Requested-With: XMLHttpRequest
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IlwvUDBnTjE2NDdMWHRVTHI2WU5XcWxBPT0iLCJ2YWx1ZSI6IkY2WTB1bjc1N0pGRitiSElkNlFGVldXQ3BJbnIxbXA0ZEdLSGVDcVdZdTJhd3hSM0I0MWlGcVQzNDNzSkx2a0t4MGk0N016WGhYTVp6QlUzUTZGRjRnPT0iLCJtYWMiOiJkZDc1ZjFiYjU5NzEzMTQ4YzFlODYyOTg5OGZjZjE2YjhlZThhMjM4ODg0ZTI4ODM2NWZmOWY4NDk1OWE2ZjJlIn0%3D; bubbstore_checkout=eyJpdiI6IkxqejFZV1g4eXB5VXVVYVM4RnpTcXc9PSIsInZhbHVlIjoiRHRuVDBpTVwvWXViSnBWeU5sSm5KdE94R1NQVkdYQ1wvRzB4VWx1b3U4SU5HQmJicFVFRDZWTXljMlJhNmV3cW5VMFlDY2hZWnhHWFlLaEdJTmE2U01LQT09IiwibWFjIjoiYzNkNGQ0YTBjNzdlYzE0YWNkNTQwZWRkNWQ5YTQyMDE3NGJkZDgwODBkYjA0MzFjYTM0MzczMDY4Y2ExOTZmNyJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 400 Bad Request
date: Sat, 10 Sep 2022 04:50:12 GMT
content-type: application/json
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ikh3VkU4ZGRTOW16NHczUTFNb1dVaXc9PSIsInZhbHVlIjoiMVlPYURsamQ2dmlvRUxcLzAzUlwvNDY5ckJJQ3NTc1l6VHFITDdaZndPSXpydVBPNTRVakV5K0wwVzhIQk5hR2Y3N1Z3aU5WRlBoUWJtZTRjbUxLVmpkUT09IiwibWFjIjoiMDg0ZWZiMmJiYTFjMGI2Zjg1ZjI4Yjc5MDQ4YjhlOGM2NmJiODVhNTAxZjM0Nzg0NTQ3MjVjNzBjNWUxNjE2OSJ9; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InB6STRnUGdNSmF5NEsxTllaK2oyOWc9PSIsInZhbHVlIjoiVVNTUVh3U29lRkNtdUZlRGNoWjlPc1FzbGEwZHJtbld1dlRmejdIVVRkXC8wZkV0YUZ5akFraERwdEVkVW5mME82Z3g3eHVSYkFZUzlZTklka0JvbTNBPT0iLCJtYWMiOiJiOTU4MWM1ZjRiZmY1MzY1NTZkYmFkOWFkMmMwZjhkYWRiZDVhZTkzYjU5NzI5Y2IyMTdhNzYxNGUzMjAyNjRjIn0%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRA1BCUgERQ1kdEQMQEVkNVkAUCBoCA1UJUR1RHVNUBAVUSk4JHxJRUQEAVQYFBgVUUVteAgYIQBQEWVRHV24=
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-88310706-1
200 OK 128 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-88310706-1
IP
Size 128 kB (127794 bytes)
Hash 8aa0b5d2a60e842555e6458db723ff9b
9d147531dc89dc878c0e9c2a34271e5bfe722bf5
0f6c05814a0dabd0c885233ab15468a8c96e2c1bdd03755baa9ebe1a4edb61ee
GET /gtag/js?id=UA-88310706-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 04:50:13 GMT
expires: Sat, 10 Sep 2022 04:50:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=306514561632433&ev=PageView&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404347&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=PageView_2uo4s0wib&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=306514561632433&ev=PageView&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404347&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=PageView_2uo4s0wib&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=306514561632433&ev=PageView&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404347&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=PageView_2uo4s0wib&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 10 Sep 2022 04:50:13 GMT
expires: Sat, 10 Sep 2022 04:50:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.wavescalcados.com/api/v1/pixels/events
200 OK 64 B URL HTTP/2 seguro.wavescalcados.com/api/v1/pixels/events
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 962f856c45d98c03563c29987a40115a
34ace4bb8368ba5591acd940424ace5ac57f6a75
106b464495f5af69690e3941d75482902ffc2148bee861e0e7080042db990309
Analyzer Verdict Alert fortinet Phishing
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImIwZGU0MjBiMzAyNWE3MDgiLCJ0ciI6IjQyMjc5MGNiMjhmZjMzNTRlYzg2YzIyYzU3ZTgyNDRmIiwidGkiOjE2NjI3ODU0MDI2MjR9fQ==
traceparent: 00-422790cb28ff3354ec86c22c57e8244f-b0de420b3025a708-01
tracestate: 2935249@nr=0-1-2935249-1134170823-b0de420b3025a708----1662785402624
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 241
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IlwvUDBnTjE2NDdMWHRVTHI2WU5XcWxBPT0iLCJ2YWx1ZSI6IkY2WTB1bjc1N0pGRitiSElkNlFGVldXQ3BJbnIxbXA0ZEdLSGVDcVdZdTJhd3hSM0I0MWlGcVQzNDNzSkx2a0t4MGk0N016WGhYTVp6QlUzUTZGRjRnPT0iLCJtYWMiOiJkZDc1ZjFiYjU5NzEzMTQ4YzFlODYyOTg5OGZjZjE2YjhlZThhMjM4ODg0ZTI4ODM2NWZmOWY4NDk1OWE2ZjJlIn0%3D; bubbstore_checkout=eyJpdiI6IkxqejFZV1g4eXB5VXVVYVM4RnpTcXc9PSIsInZhbHVlIjoiRHRuVDBpTVwvWXViSnBWeU5sSm5KdE94R1NQVkdYQ1wvRzB4VWx1b3U4SU5HQmJicFVFRDZWTXljMlJhNmV3cW5VMFlDY2hZWnhHWFlLaEdJTmE2U01LQT09IiwibWFjIjoiYzNkNGQ0YTBjNzdlYzE0YWNkNTQwZWRkNWQ5YTQyMDE3NGJkZDgwODBkYjA0MzFjYTM0MzczMDY4Y2ExOTZmNyJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:12 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjRmdllyVjdPUVVLbzYrcnRJK1BhSXc9PSIsInZhbHVlIjoiSVlXejJFd2tmRWwxdEFITFp2RTAwWStwbVwvdUY5NkV1V2tTc0VraVZWWHVlNTI1YjZCUnhkOXllNHFIenpYcjlOU0dwWVlWZTZFRlVFVUFlcU40Y3lBPT0iLCJtYWMiOiIxNzBkOWIzNGEzNGM3OTI4MGEwOGFiMjkxZDE4Yzk1MmQwZjMwYjVlMDFmMmIwMDdkOGI0M2FkZjhiNGU1ZWNmIn0%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkFOMTJHSU5zb1RENnp4TnlxcWR4d2c9PSIsInZhbHVlIjoiOHAwRUNPU2dmK3Rib2oyZzNlUFl2RXQ0eXU2d2JTWTBSR054SzlzQmtGWDZxWDluXC9HZm5qZ0dib3dqNmgxVjQ5bUtMbnl3NEl4VEZ6NjBnXC9IKzZcL0E9PSIsIm1hYyI6IjMwNWI5NjliNjI1OTkyMzFlZDdjMDFhYzE4ZWFhOGMzOWFiNGNkNDUwZTU1NzI3NzJhZTA1NWZjZjlhMGRhMDEifQ%3D%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QAFNQABtMV08aVgZQA1ABAANeAAQBCwdRWkAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2019268341593444&ev=PageView&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404349&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=PageView_2uo4s0wib&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=2019268341593444&ev=PageView&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404349&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=PageView_2uo4s0wib&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=2019268341593444&ev=PageView&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404349&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=PageView_2uo4s0wib&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 10 Sep 2022 04:50:13 GMT
expires: Sat, 10 Sep 2022 04:50:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1058819414788348&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404356&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_7owy7kjjh&tm=1&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=1058819414788348&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404356&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_7owy7kjjh&tm=1&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=1058819414788348&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404356&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_7owy7kjjh&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 10 Sep 2022 04:50:13 GMT
expires: Sat, 10 Sep 2022 04:50:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2019268341593444&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404355&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_sbsa04cmp&tm=1&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=2019268341593444&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404355&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_sbsa04cmp&tm=1&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=2019268341593444&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404355&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_sbsa04cmp&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 10 Sep 2022 04:50:13 GMT
expires: Sat, 10 Sep 2022 04:50:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=306514561632433&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404352&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_ct1qhc1pz&tm=1&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=306514561632433&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404352&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_ct1qhc1pz&tm=1&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=306514561632433&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.wavescalcados.com%2Fcheckout%2Faddress&rl=&if=false&ts=1662785404352&cd[content_ids]=%5B%2219670813%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662785404346.1863584702&it=1662785403612&coo=false&eid=InitiateCheckout_ct1qhc1pz&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 10 Sep 2022 04:50:13 GMT
expires: Sat, 10 Sep 2022 04:50:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 39f6c07b648f77deff16919dd401a444
980f072884c8616416e459183d4e7469207ac5a0
b1126cc0940a80c90daa29287eaae47e3caf7d49c67921f27ebc8a53fbb83d55
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 04:50:13 GMT
Server: ECS (amb/6B79)
Content-Length: 471
sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1662785404236&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.wavescalcados.com%2F
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1662785404236&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.wavescalcados.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1662785404236&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.wavescalcados.com%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 04:50:14 GMT
set-cookie: UID=18Cbd489103a5bd72e6143c1662785414; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BDKO91s3mLBTzuEyH4vC4594hMOH_n8s83qeP7cAdHlK_ibrOnrfKQ==
X-Firefox-Spdy: h2
clicklogger.rm.uol.com.br/crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.wavescalcados.com/
200 OK 1.3 kB URL HTTP/1.1 clicklogger.rm.uol.com.br/crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.wavescalcados.com/
IP
ASN #7162 Universo Online S.A.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 56038ac4751de0ec112c7c6decf7ee76
5eb7380c2ef26dad2e13c4181af4e1990263d6d5
8fc3b8b6a4a23f2ba1c8a43e160c0db974dffa53d72e389e35cb5013a4cd03db
GET /crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.wavescalcados.com/ HTTP/1.1
Host: clicklogger.rm.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 04:50:14 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
Last-Modified: Wed, 07 Nov 2018 14:41:22 GMT
ETag: "9b7c77-51b-57a141ca40880"
Accept-Ranges: bytes
Content-Length: 1307
P3P: policyref="http://clicklogger.rm.uol.com.br/w3c/p3p.xml",CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Connection: close
Content-Type: text/html; charset=UTF-8
seguro.wavescalcados.com/api/v1/pixels/events
200 OK 29 kB URL HTTP/2 seguro.wavescalcados.com/api/v1/pixels/events
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 0d3396d8f51ccc17c9fe6fd0f2092c1e
9cb19bffde0dfa4ac0f26f820ea0affca05f0b51
af30f96a603f529900644c3f07b6de40f193aead11859f46b942b496329ac632
Analyzer Verdict Alert fortinet Phishing
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjM3OTU4ZDdmMDA5Njk5NWIiLCJ0ciI6ImI1MDBjYWIxNGNhOGJlNDg5NmFiNWM5ZGQ3YWIwYWJlIiwidGkiOjE2NjI3ODU0MDI2MjB9fQ==
traceparent: 00-b500cab14ca8be4896ab5c9dd7ab0abe-37958d7f0096995b-01
tracestate: 2935249@nr=0-1-2935249-1134170823-37958d7f0096995b----1662785402620
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 241
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IlwvUDBnTjE2NDdMWHRVTHI2WU5XcWxBPT0iLCJ2YWx1ZSI6IkY2WTB1bjc1N0pGRitiSElkNlFGVldXQ3BJbnIxbXA0ZEdLSGVDcVdZdTJhd3hSM0I0MWlGcVQzNDNzSkx2a0t4MGk0N016WGhYTVp6QlUzUTZGRjRnPT0iLCJtYWMiOiJkZDc1ZjFiYjU5NzEzMTQ4YzFlODYyOTg5OGZjZjE2YjhlZThhMjM4ODg0ZTI4ODM2NWZmOWY4NDk1OWE2ZjJlIn0%3D; bubbstore_checkout=eyJpdiI6IkxqejFZV1g4eXB5VXVVYVM4RnpTcXc9PSIsInZhbHVlIjoiRHRuVDBpTVwvWXViSnBWeU5sSm5KdE94R1NQVkdYQ1wvRzB4VWx1b3U4SU5HQmJicFVFRDZWTXljMlJhNmV3cW5VMFlDY2hZWnhHWFlLaEdJTmE2U01LQT09IiwibWFjIjoiYzNkNGQ0YTBjNzdlYzE0YWNkNTQwZWRkNWQ5YTQyMDE3NGJkZDgwODBkYjA0MzFjYTM0MzczMDY4Y2ExOTZmNyJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:12 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ik9aUUJkcnRjUkY1c3dxVHRCeGhWa3c9PSIsInZhbHVlIjoiYzJMaDBkeHlEc2F5WDZrc3ROblpNcWxJOXZTVUpKOVk1aHF1NmxrZDZWRlg5SnNMSDNjdG42ZTVXWEVIYWtvSFhXc1RBOW9uTVZZK0g2S1d0dlpFemc9PSIsIm1hYyI6IjIxMjZmNDYxYzJhZjkzOWFjNDgxODdkNzc3NDZlN2EzMDczNWJkMTBkYTdkZGVhMmM5YjFiNzA3YmM1Y2U0NjYifQ%3D%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ik05Z29DUUJyTUx6R2VsVkpQMEJxMlE9PSIsInZhbHVlIjoiU2Z0YlpqTUFpM1NnT0hCaXAxXC9mUzVZNUprSTQxT2xEWmV0blhlQ1lFUFY5bVlpbUMyaUlvSHZWOWhVeFZLTXNUZVdJOFFydnB1R0lkVTNpeTNNSjJ3PT0iLCJtYWMiOiI4ZjVmODRkZjQ5OTNkNWJlODFjODIxNTc5NjgzNDc5NWQxNzZmZWE0OWNiMDEzMDM5YzVjMjIxMjgwNDg3NjRkIn0%3D; expires=Sat, 10-Sep-2022 07:50:12 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QAFdTBxtMV08aVgFVWQdVUAFVUlABV1deWkAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
me.jsuol.com.br/rm/UolRMWorker.js
200 OK 698 B URL HTTP/2 me.jsuol.com.br/rm/UolRMWorker.js
IP
File type ASCII text, with very long lines (1615), with no line terminators
Hash 5a6a29435dfcaa7191715461cfee1f33
9391d4b905b592054b4b0e18d3cfd8888ff8923e
5fbd220ff9f8938611907feb964f0a2243f2d5ce8cec70b8e05cdf3676813493
GET /rm/UolRMWorker.js HTTP/1.1
Host: me.jsuol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clicklogger.rm.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 698
date: Sat, 10 Sep 2022 03:56:26 GMT
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Mon, 11 Jul 2022 20:46:23 GMT
expires: Sat, 10 Sep 2022 04:56:26 GMT
content-encoding: gzip
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
etag: 5a6a29435dfcaa7191715461cfee1f33
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2auGfuECOaQxlA5mGZ59ZvvW4HPtThSuYsh8LUm90ETmRsz6iqQaNg==
age: 3228
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/anonymous_device_session
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.wavescalcados.com/
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:15 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.wavescalcados.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 225508f9-bb4e-498b-972b-2521a4209ec2
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-38,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 7c0dfd2285691816
x-b3-traceid: 7c0dfd2285691816
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-38: iWwSzj73SHaIGJPegXURlYfDsn0LPHnhCE35nI+6asOiBQvLQfZfHVhO1tFoKMCm
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20back&p2={%22sender_tracking_hash%20%22:%2273b1f7e56663ede8038b6e5685b68f8ffc4b08e0cad642096499d9de5ee99491%22,%22DataFortress_services%22:true}&p3=https://seguro.wavescalcados.com/checkout/address?token=05ah754gb4b3fh
200 OK 0 B URL HTTP/2 pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20back&p2={%22sender_tracking_hash%20%22:%2273b1f7e56663ede8038b6e5685b68f8ffc4b08e0cad642096499d9de5ee99491%22,%22DataFortress_services%22:true}&p3=https://seguro.wavescalcados.com/checkout/address?token=05ah754gb4b3fh
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20back&p2={%22sender_tracking_hash%20%22:%2273b1f7e56663ede8038b6e5685b68f8ffc4b08e0cad642096499d9de5ee99491%22,%22DataFortress_services%22:true}&p3=https://seguro.wavescalcados.com/checkout/address?token=05ah754gb4b3fh HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
date: Sat, 10 Sep 2022 04:50:15 GMT
ec-rule-version: 20220707-02
expires: 0
pragma: no-cache
server: nginx
set-cookie: LAST_SERVER_HIT=65205cd10558c60fdeff41eb9598fd7d9b4a4eb95730f98a; Domain=pagseguro.uol.com.br; Expires=Sat, 10-Sep-2022 05:20:15 GMT; Path=/; Secure; SameSite=None
csrfId=60; Path=/; HttpOnly; Expires=10 Sep 2022 08:50:15 GMT; Domain=.pagseguro.uol.com.br; Secure; SameSite=None
JSESSIONID=t-Eq1LS8+R+mYGJ0wraOeg**.ps1; Path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: User-Agent
x-xss-protection: 1; mode=block
content-length: 0
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20start&p2={%22sender_hash%20%22:%2273b1f7e56663ede8038b6e5685b68f8ffc4b08e0cad642096499d9de5ee99491%22,%22iframe_installed%22:true}&p3=https://seguro.wavescalcados.com/checkout/address?token=05ah754gb4b3fh
200 OK 0 B URL HTTP/2 pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20start&p2={%22sender_hash%20%22:%2273b1f7e56663ede8038b6e5685b68f8ffc4b08e0cad642096499d9de5ee99491%22,%22iframe_installed%22:true}&p3=https://seguro.wavescalcados.com/checkout/address?token=05ah754gb4b3fh
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20start&p2={%22sender_hash%20%22:%2273b1f7e56663ede8038b6e5685b68f8ffc4b08e0cad642096499d9de5ee99491%22,%22iframe_installed%22:true}&p3=https://seguro.wavescalcados.com/checkout/address?token=05ah754gb4b3fh HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
date: Sat, 10 Sep 2022 04:50:15 GMT
ec-rule-version: 20220707-02
expires: 0
pragma: no-cache
server: nginx
set-cookie: LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900b441be2c971607970; Domain=pagseguro.uol.com.br; Expires=Sat, 10-Sep-2022 05:20:15 GMT; Path=/; Secure; SameSite=None
csrfId=63; Path=/; HttpOnly; Expires=10 Sep 2022 08:50:15 GMT; Domain=.pagseguro.uol.com.br; Secure; SameSite=None
JSESSIONID=tWlpJANn3CDIoN+OemE8CA**.ps1; Path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: User-Agent
x-xss-protection: 1; mode=block
content-length: 0
X-Firefox-Spdy: h2
clicklogger.rm.uol.com.br/?prd=32&msr=Cliques%20de%20Origem:1&oper=11
200 OK 0 B URL HTTP/1.1 clicklogger.rm.uol.com.br/?prd=32&msr=Cliques%20de%20Origem:1&oper=11
IP
ASN #7162 Universo Online S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?prd=32&msr=Cliques%20de%20Origem:1&oper=11 HTTP/1.1
Host: clicklogger.rm.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clicklogger.rm.uol.com.br/crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 04:50:15 GMT
Server: (null)
P3P: policyref="http://clicklogger.rm.uol.com.br/w3c/p3p.xml",CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Connection: close
Transfer-Encoding: chunked
api.mercadopago.com/v1/device_sessions/anonymous_device_session
200 OK 337 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP
File type JSON data\012- , ASCII text, with very long lines (337), with no line terminators
Hash 6a97c83c3a3b25913b68628b09d74c9f
7b77885768b107ca38c12e22a90f9ba95a402d1c
c40bef0741a02ce4bf5da91360659ce7b2d8566455e1f4f56ce3d2d46f541dfb
POST /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 98
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:15 GMT
content-type: application/json; charset=utf-8
content-length: 337
access-control-allow-origin: https://seguro.wavescalcados.com
x-request-id: 53044c1e-4a82-4c9a-859a-9d565c51259f
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-58,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-trace-digest-58: R9WIe6njerxPlbRybcIx3knnLz0l+0JOiWcUvgG9EO8kxkanmBvp3nMD9eqUzOlw
x-b3-spanid: be896ff8a1e7c7b4
x-b3-traceid: be896ff8a1e7c7b4
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
dna.uol.com.br/service/etag?dnaReferer=https%3A%2F%2Fseguro.wavescalcados.com%2F
412 Precondition Failed 0 B URL HTTP/2 dna.uol.com.br/service/etag?dnaReferer=https%3A%2F%2Fseguro.wavescalcados.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /service/etag?dnaReferer=https%3A%2F%2Fseguro.wavescalcados.com%2F HTTP/1.1
Host: dna.uol.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pagseguro.uol.com.br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Cookie: dna_status=eyJ0aW1lb3V0IjoxNjYyNzg1NDMwNzk4LCJydW5uaW5nIjp0cnVlLCJjYXB0dXJlZCI6ZmFsc2UsImRldGVjdERldmljZURhdGEiOnRydWUsInJlcXVlc3RzIjpbXSwiZm9yY2VVcGRhdGUiOmZhbHNlfQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 412 Precondition Failed
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, ETag, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Cookie, Set-Cookie, Date
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pagseguro.uol.com.br
access-control-expose-headers: X-Requested-With, Origin, Content-Type, Accept, ETag, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Cookie, Set-Cookie, Date
access-control-max-age: 86400
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: *
date: Sat, 10 Sep 2022 04:50:15 GMT
ec-rule-version: 20220707-02
server: nginx
content-length: 0
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 10 Sep 2022 04:50:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 105
x-timer: S1662785415.495607,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
assets.pagseguro.com.br/ga-scripts/latest/dist/pagseguro.js
200 OK 0 B URL HTTP/2 assets.pagseguro.com.br/ga-scripts/latest/dist/pagseguro.js
IP
GET /ga-scripts/latest/dist/pagseguro.js HTTP/1.1
Host: assets.pagseguro.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Aug 2022 14:03:13 GMT
x-amz-version-id: CWHxUdHnyl6cBpzuMaQXYfCG5r7Qrkin
server: AmazonS3
content-encoding: gzip
date: Sat, 10 Sep 2022 04:50:12 GMT
cache-control: public,max-age=300
etag: W/"b13b013ff4590f67807f89297c2d22a1"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Mj3y88uYqXjSK2ojrf420Sr13CyF9vBsKco5b4aT1BAlG3QQJqShzw==
age: 86
X-Firefox-Spdy: h2
seguro.wavescalcados.com/e/t
200 OK 0 B URL HTTP/2 seguro.wavescalcados.com/e/t
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer Verdict Alert fortinet Phishing
POST /e/t HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjUyNjg2ZDk5NzJiZWJlMjgiLCJ0ciI6ImZjZjg5N2ZjYWQ1ZjJlNGNlY2NhYTI4YzY3ZDQ5NjNiIiwidGkiOjE2NjI3ODU0MDI2MjV9fQ==
traceparent: 00-fcf897fcad5f2e4ceccaa28c67d4963b-52686d9972bebe28-01
tracestate: 2935249@nr=0-1-2935249-1134170823-52686d9972bebe28----1662785402625
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 361
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IlwvUDBnTjE2NDdMWHRVTHI2WU5XcWxBPT0iLCJ2YWx1ZSI6IkY2WTB1bjc1N0pGRitiSElkNlFGVldXQ3BJbnIxbXA0ZEdLSGVDcVdZdTJhd3hSM0I0MWlGcVQzNDNzSkx2a0t4MGk0N016WGhYTVp6QlUzUTZGRjRnPT0iLCJtYWMiOiJkZDc1ZjFiYjU5NzEzMTQ4YzFlODYyOTg5OGZjZjE2YjhlZThhMjM4ODg0ZTI4ODM2NWZmOWY4NDk1OWE2ZjJlIn0%3D; bubbstore_checkout=eyJpdiI6IkxqejFZV1g4eXB5VXVVYVM4RnpTcXc9PSIsInZhbHVlIjoiRHRuVDBpTVwvWXViSnBWeU5sSm5KdE94R1NQVkdYQ1wvRzB4VWx1b3U4SU5HQmJicFVFRDZWTXljMlJhNmV3cW5VMFlDY2hZWnhHWFlLaEdJTmE2U01LQT09IiwibWFjIjoiYzNkNGQ0YTBjNzdlYzE0YWNkNTQwZWRkNWQ5YTQyMDE3NGJkZDgwODBkYjA0MzFjYTM0MzczMDY4Y2ExOTZmNyJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:13 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjlMMm5hREpiYnk5VFoyeWhIdG9EdXc9PSIsInZhbHVlIjoiNGw5bU5wVXppb0NMeThIazNrWkRGNWc1cE9Yb25uUzVENmlodzhkeHN4c0ZQbzI1VktVWnFpOG1EVEpZRWoyWUxydUxONjVPdUN1UVN5aHF2bFVXS0E9PSIsIm1hYyI6ImIwZGM3ZTAwODU3NDU3MGZhMDM4YWVlOTY3Zjk0ZTczMzU1Y2Y1NDYzMWZkMjAyNDJhZjdlNTNkMjdkMGJhYTYifQ%3D%3D; expires=Sat, 10-Sep-2022 07:50:13 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Im8rbVM3bWgrYitsMzBkV1p2QmRocWc9PSIsInZhbHVlIjoiMUd4WHBmeHRDTFJndVZ1eFZtYnlIRmxuVk11ajNZRUNxcW4zTXVsRURUbUJtdEN3bmhWcjBJeXgwaUYweDlZU1BVbFBYbjJKSVwvOHVDdml0cVwvOENmUT09IiwibWFjIjoiYzI3NThkYjUxNmNjNjVjNzZhZTYxZmZmNDU4ZTJmNTYwMmUxYTRjY2NjMGIyMGFmMzM1ZmY2YTRjMjlmMzRhOCJ9; expires=Sat, 10-Sep-2022 07:50:13 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.wavescalcados.com/cart?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd
302 Found 0 B URL HTTP/2 seguro.wavescalcados.com/cart?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
GET /cart?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 10 Sep 2022 04:50:09 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.wavescalcados.com/checkout/payment?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkZrdFRnTzJ6dk1WNFJKTmtuV0RzNkE9PSIsInZhbHVlIjoiT2QrQWNPTWxMWmo5cHJiazZTOHd6aFNnTnhtVCttSllNNFVjNTRPTEY0NmowamQ0TGt6djY3MzZjXC9kS2poZ1VtanhHUWNSdlNMdzdmZ2xLTGh6dHZnPT0iLCJtYWMiOiJhMmU2NWRkMzlmNDM4ZjUxN2VjMmZhNDZiZmRkNDczM2FjYmI1MDgxY2M0ZThmODk1N2ZmMDEyMzQ0MWU5NDhmIn0%3D; expires=Sat, 10-Sep-2022 07:50:09 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkdGcjhaOWptQUxhRlJ3XC9QTXVGNkx3PT0iLCJ2YWx1ZSI6IlRHcjNZQzNPZzFkb3dHbWRGUnJ5OFdKK3hjU0FtempzWXdEeDdubkdxeVBKSGtVb2JSWkdmTUkrNGNMS1IrazVJSW5xVnI5M2hZV0ZcL1k4ek4wMEFrUT09IiwibWFjIjoiYjJmNTg1ZjQ2M2MwNGI1ZmY5NGFlNjg0MmFlYTMwMWJjNTc2ZDdkZGU5ZDRjZjc3MmVhOTY5OTllNWM2NzhmZCJ9; expires=Sat, 10-Sep-2022 07:50:09 GMT; Max-Age=10800; path=/; httponly
wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9; expires=Thu, 15-Sep-2022 04:50:09 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/session/armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca?background=armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca?background=armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
IP
GET /jms/lgz/background/session/armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca?background=armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 10 Sep 2022 04:50:15 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=66186eb8-a670-47d3-b4aa-a32dbf3c6c46-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 10 Sep 2023 04:50:15 GMT
dsid=32517894-a079-45a6-b781-f5e21f8f67f4-1662785415916;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=037c8afe-7f84-43a5-84eb-aa6705161d78-1662785415916;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 8
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 66186eb8-a670-47d3-b4aa-a32dbf3c6c46
x-request-device-id: 66186eb8-a670-47d3-b4aa-a32dbf3c6c46
x-d2id: 66186eb8-a670-47d3-b4aa-a32dbf3c6c46
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _1IRvKoun7HbJqAst5248xySJTISw4Kx9E2uLjJpKUlJF498qashGQ==
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/web_device
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.wavescalcados.com
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 04:50:11 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.wavescalcados.com
x-request-id: b4d1a1bb-da51-4c66-a36a-cf6ef1049857
x-trace-digest-75: 7if82LzyeiKXqU6Iq4HMuirSZHilIyu5Kqa+gWOyS5Tu4aA5aT6cA7z0JP6oNgOD
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-75,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 6ccf547e8216e4ef
x-b3-traceid: 6ccf547e8216e4ef
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1662785411757;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background?dps=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background?dps=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3
IP
GET /jms/lgz/background?dps=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Sat, 10 Sep 2022 04:50:15 GMT
server: Tengine
set-cookie: _d2id=bfb8f893-7e69-489c-a19c-8e8c030d5955-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 10 Sep 2023 04:50:15 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: bfb8f893-7e69-489c-a19c-8e8c030d5955
x-request-device-id: bfb8f893-7e69-489c-a19c-8e8c030d5955
x-d2id: bfb8f893-7e69-489c-a19c-8e8c030d5955
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7qcJ355ySbdijwpTVEt9-Y9jWuTFSzsPoFJWIpXh9O9uge7cNlwiaw==
X-Firefox-Spdy: h2
www.mercadolivre.com/jms/mlb/lgz/background/session/armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca?background=armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjI1YWNkNjRmLTUyZDktNDhmMC1hZWRjLWQxY2E1NjRlYjcyMi0xNjYyNzg1NDEyNTMxIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM0LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0OSwiaGFzaCI6MTk2LCJ0b3RhbCI6MTk2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
200 OK 0 B URL HTTP/2 www.mercadolivre.com/jms/mlb/lgz/background/session/armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca?background=armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjI1YWNkNjRmLTUyZDktNDhmMC1hZWRjLWQxY2E1NjRlYjcyMi0xNjYyNzg1NDEyNTMxIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM0LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0OSwiaGFzaCI6MTk2LCJ0b3RhbCI6MTk2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
IP
GET /jms/mlb/lgz/background/session/armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca?background=armor.5efed637449b0b4f2d48357aed359017741727d97702ce130bce860a90aec85b44cba238aa844e249d539307275f64e5a82510cfc65b7efa0fa7de788f55bc6168afb8a88c12ca06d6788fe1cb724a3a52a6904c67f76226000046307211132b.69f58c4ecd8cf2158ad97bc1fd77bfca&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjI1YWNkNjRmLTUyZDktNDhmMC1hZWRjLWQxY2E1NjRlYjcyMi0xNjYyNzg1NDEyNTMxIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM0LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0OSwiaGFzaCI6MTk2LCJ0b3RhbCI6MTk2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 10 Sep 2022 04:50:15 GMT
server: Tengine
set-cookie: _d2id=74c43af3-1ec2-450a-9dc2-fcdf55805cfe-n; Path=/; Domain=.mercadolivre.com; Expires=Sun, 10 Sep 2023 04:50:15 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 3
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 74c43af3-1ec2-450a-9dc2-fcdf55805cfe
x-request-device-id: 74c43af3-1ec2-450a-9dc2-fcdf55805cfe
x-d2id: 74c43af3-1ec2-450a-9dc2-fcdf55805cfe
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0cygAHs3OQrleTghqDI6Z03LW3N04qlSPrvhS_zzwMdPBV4BLXFzvA==
X-Firefox-Spdy: h2
seguro.wavescalcados.com/checkout/payment?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd
302 Found 0 B URL HTTP/2 seguro.wavescalcados.com/checkout/payment?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
GET /checkout/payment?cart_token=c1ae1a70-30ad-11ed-8b04-390936cef214&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=a16a250acbcc690f202d63f4f2b2d3527b3cd569&customerToken=6e0d6410-30ae-11ed-b214-0d42d64c65cd HTTP/1.1
Host: seguro.wavescalcados.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkZrdFRnTzJ6dk1WNFJKTmtuV0RzNkE9PSIsInZhbHVlIjoiT2QrQWNPTWxMWmo5cHJiazZTOHd6aFNnTnhtVCttSllNNFVjNTRPTEY0NmowamQ0TGt6djY3MzZjXC9kS2poZ1VtanhHUWNSdlNMdzdmZ2xLTGh6dHZnPT0iLCJtYWMiOiJhMmU2NWRkMzlmNDM4ZjUxN2VjMmZhNDZiZmRkNDczM2FjYmI1MDgxY2M0ZThmODk1N2ZmMDEyMzQ0MWU5NDhmIn0%3D; bubbstore_checkout=eyJpdiI6IkdGcjhaOWptQUxhRlJ3XC9QTXVGNkx3PT0iLCJ2YWx1ZSI6IlRHcjNZQzNPZzFkb3dHbWRGUnJ5OFdKK3hjU0FtempzWXdEeDdubkdxeVBKSGtVb2JSWkdmTUkrNGNMS1IrazVJSW5xVnI5M2hZV0ZcL1k4ek4wMEFrUT09IiwibWFjIjoiYjJmNTg1ZjQ2M2MwNGI1ZmY5NGFlNjg0MmFlYTMwMWJjNTc2ZDdkZGU5ZDRjZjc3MmVhOTY5OTllNWM2NzhmZCJ9; wavesoutlet2_cart=eyJpdiI6IjZDajhvQmFyXC83UDF0cXltMTZjYm1RPT0iLCJ2YWx1ZSI6ImM5WDZcL256SEhXMVp3ak1aVFZzZzJpQ0tUOUE1TkczM0hvcHZadHhIdmh1N3VIVkJ6Y0pOR25jMkRGRDVkeGRnIiwibWFjIjoiYjQ1ODRmMzZmNWUzMDkwMGY1MmI3ZmNhMDBmNGEwNzM5MWZiOGNiNDBlNDhiNjI3M2MyYWUyOWU0NjIyMDRlNiJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Sat, 10 Sep 2022 04:50:09 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.wavescalcados.com/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlZnMVdsa083RnNIWWpwSjdcLzF2dFF3PT0iLCJ2YWx1ZSI6ImllZEVlU2wrTE1HWVNoMEYrSGRaQU5XdktJUnBMdFZYelFkMFlEazNBaUI4XC94c3djaFVFVGVqaDN1WW1qbkVuTEZ0VXUyKzZzUUppOHhjTzlGWGw3UT09IiwibWFjIjoiYTkxNWNkN2MyNDE0M2U3NzJlMDMzZWFhNmIxMDY1NGRjYmZlZTQ0NDEyODA4Mjg3MTgxOTlkODYxMzZiMjYwYSJ9; expires=Sat, 10-Sep-2022 07:50:09 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlgxMXBabVByakRsZmljcDlYaU1sV3c9PSIsInZhbHVlIjoiZ1BcL0ZMZFdRMUxKUGp6RVpsZGxvN2NiYTdwMlhUc3VDbEV4SitxeitEa1wvR0tNOHJDWVlLNCtlZlBqMEZrR285QlZPRlhnMmdUN1NQekprT1JBZGQzZz09IiwibWFjIjoiYjg4NmQ1YmYzOGI2MGQ2ZjM1OGFjYTI3NDhmNzUwZGJjODdjNGRjMTJiYWM5ZDA2MTUxN2YxNzgyOTBkOWFiZSJ9; expires=Sat, 10-Sep-2022 07:50:09 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
IP
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Sep 2022 04:50:10 GMT
date: Sat, 10 Sep 2022 04:50:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mercadolivre.com/jms/mlb/lgz/background/session/armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3?background=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjI1YWNkNjRmLTUyZDktNDhmMC1hZWRjLWQxY2E1NjRlYjcyMi0xNjYyNzg1NDEyNTMxIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM0LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0OSwiaGFzaCI6MTk2LCJ0b3RhbCI6MTk2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
200 OK 0 B URL HTTP/2 www.mercadolivre.com/jms/mlb/lgz/background/session/armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3?background=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjI1YWNkNjRmLTUyZDktNDhmMC1hZWRjLWQxY2E1NjRlYjcyMi0xNjYyNzg1NDEyNTMxIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM0LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0OSwiaGFzaCI6MTk2LCJ0b3RhbCI6MTk2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
IP
GET /jms/mlb/lgz/background/session/armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3?background=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjI1YWNkNjRmLTUyZDktNDhmMC1hZWRjLWQxY2E1NjRlYjcyMi0xNjYyNzg1NDEyNTMxIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM0LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0OSwiaGFzaCI6MTk2LCJ0b3RhbCI6MTk2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 10 Sep 2022 04:50:15 GMT
server: Tengine
set-cookie: _d2id=ac87a298-8340-4daf-8b7c-bd841b999efe-n; Path=/; Domain=.mercadolivre.com; Expires=Sun, 10 Sep 2023 04:50:15 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 3
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: ac87a298-8340-4daf-8b7c-bd841b999efe
x-request-device-id: ac87a298-8340-4daf-8b7c-bd841b999efe
x-d2id: ac87a298-8340-4daf-8b7c-bd841b999efe
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BF30m4bbPZReLv_MPnuLDf-lvyfXyfqQ0EMvvvTHDusg7ldsax9slw==
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/session/armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3?background=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3?background=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
IP
GET /jms/lgz/background/session/armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3?background=armor.497648288c978716abf52e093ea3301bb8ed175ca8b45c655632e14061c26dc96f236af9c94c278dfd02f25ccdb9ce64d1ef6fd6e7222b7a737e80eb4afb9f998efcc02a2d2b1f533404097201d00f3339b98c6d8cffaaf1cc4b5efe157f0ebc.f99725a725ed1201908d9fd2cf0879a3&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.wavescalcados.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 10 Sep 2022 04:50:15 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=e0d63c60-cd2a-4fba-a7c6-79598009fa6f-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 10 Sep 2023 04:50:15 GMT
dsid=572aa6ec-8c9b-41b5-89d6-b92d25e76903-1662785415955;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=4859c59c-29c3-404c-98dc-ec6df4378e55-1662785415955;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 8
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: e0d63c60-cd2a-4fba-a7c6-79598009fa6f
x-request-device-id: e0d63c60-cd2a-4fba-a7c6-79598009fa6f
x-d2id: e0d63c60-cd2a-4fba-a7c6-79598009fa6f
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0VGcMFda-ejaq-9Rs903Uez2m5eLzljemMlZrRZczM0k1RKJo-LSSw==
X-Firefox-Spdy: h2
172.67.157.46
104.18.1.53
157.240.200.14
200.147.41.211
151.101.86.137
23.36.77.32
93.184.220.29