| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7786cd9bd97e024b3a1d16215defaad2 786ddbb74b0b6bd9270622dbe0258d6caee407c1 9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2467
Expires: Tue, 15 Nov 2022 06:37:25 GMT
Date: Tue, 15 Nov 2022 05:56:18 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash832aecaba9f06ee2d39d4d4bea65f13c 7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4331
Cache-Control: max-age=107229
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:19 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:43:28 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash8c15cef160d1514fc977ed4c4e97086c ffe4ce3199658a1fc7a45d1607df40ef3911621d db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4981
Expires: Tue, 15 Nov 2022 07:19:20 GMT
Date: Tue, 15 Nov 2022 05:56:19 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashd130218d0e2841f39c99610fe1a2ab90 29fbe1e177ee55c7a61ae0a206afff271cf5f945 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 05:44:37 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 702
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Xb/NEi5hA+V5e+W0IRZMCXZYftMSsEONLm8P90Q2sIJLlErFeKwlq1WitwJDpwflCHoqgE7O82M=
x-amz-request-id: R537XVN8GXK693D6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 05:14:08 GMT
age: 2531
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 05:56:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 05:25:01 GMT
cache-control: public,max-age=3600
age: 1878
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3200044057cb585f1a435c0efece61c8 8305d5b5891288aa9996b4b4ca6fce2265413194 df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: max-age=104000
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:19 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:49:39 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| seguro.rosaselvagemacido.com/checkout/payment?cart_token=1b000e50-5ace-11ed-9d05-020f82a47782-63629f3e1af93&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=b715a3e5037ce6e74af670997737d24f70a8dff9&customerToken=f623e0c0-5ace-11ed-b60b-03efc0acb7d2 | 170.82.174.30 | 301 Moved Permanently | 134 B |
URL HTTP/1.1seguro.rosaselvagemacido.com/checkout/payment?cart_token=1b000e50-5ace-11ed-9d05-020f82a47782-63629f3e1af93&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=b715a3e5037ce6e74af670997737d24f70a8dff9&customerToken=f623e0c0-5ace-11ed-b60b-03efc0acb7d2 IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /checkout/payment?cart_token=1b000e50-5ace-11ed-9d05-020f82a47782-63629f3e1af93&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=b715a3e5037ce6e74af670997737d24f70a8dff9&customerToken=f623e0c0-5ace-11ed-b60b-03efc0acb7d2 HTTP/1.1
Host: seguro.rosaselvagemacido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Nov 2022 05:56:19 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.rosaselvagemacido.com:443/checkout/payment?cart_token=1b000e50-5ace-11ed-9d05-020f82a47782-63629f3e1af93&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=b715a3e5037ce6e74af670997737d24f70a8dff9&customerToken=f623e0c0-5ace-11ed-b60b-03efc0acb7d2
X-GoCache-CacheStatus: BYPASS
Server: gocache
|
|
| push.services.mozilla.com/ | 52.89.217.163 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.89.217.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +WSLd7wC7FPJgWVVqLd+rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Umomyce5K3EJ/8bn6INNki8r9Pk=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5332a951ffd298e20b78f6c7c0315998 e0f640704b6f77dbd473e8a9d5b5215bcfbca0cd 8ca67085acc5b1aee87b66f71d33d70a1b803807c491c0d23b37dd8451ec056b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CA67085ACC5B1AEE87B66F71D33D70A1B803807C491C0D23B37DD8451EC056B"
Last-Modified: Mon, 14 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21539
Expires: Tue, 15 Nov 2022 11:55:19 GMT
Date: Tue, 15 Nov 2022 05:56:20 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8298
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 05:56:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8298
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 05:56:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8298
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 05:56:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8298
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 05:56:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash29b1503232a9cf0843bd9f0d01c0a9a5 620b3b98a58cd32175d40534dca81ef4a26d880f 1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8298
Expires: Tue, 15 Nov 2022 08:14:39 GMT
Date: Tue, 15 Nov 2022 05:56:21 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9459d8c5ec4b22476e1470e5476f70f7 78118517bfffe997c85f08bd9b7b7ac9270d9b02 647d0898ed6a38191ff91ca316e90a72d9a5ce563c3602a8d4c477c64f096be4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7504
x-amzn-requestid: 553a2ee3-9dcb-44ac-b0e1-e8ea660eedcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOAmqGAyoAMFv5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368ae2a-7af9fba56c5ae9ca5f513668;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:05:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rRrM6hW5gFH8bLxrzQv5emBacEQrqldwEfD1M0YycB4XphG-XXwRuA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 05:03:57 GMT
age: 3144
etag: "78118517bfffe997c85f08bd9b7b7ac9270d9b02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc5f45accbd2d3551103631fa77deee8f 7295ef4c52bcea1be24b963d7ff170ef5bacf713 495e2cef9d9ebec66f1ddcf478512af7e37a301b562d7b75e5d28bb7753d2290
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9311
x-amzn-requestid: ccbd88f7-a72f-4f7c-868d-907b2dbea1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ9_UEQ4IAMFmzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d76c8-4c0b800d7bf5064346932e15;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 22:10:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bJa_vwFYVNizWkPP2aLO8cOJiMqMfZmD34-hAnOlmJ0K2OO3dghWvw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:09:42 GMT
age: 27999
etag: "7295ef4c52bcea1be24b963d7ff170ef5bacf713"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash94c82cd0e4204ea23b9bd86a3f576fa8 1651325ad361d1c86a4b81edb6b75af27f490a39 0173a565be87e87b2a8fccb3bfe4f237ddd9fdafa5711e79f0c4381882238886
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8025
x-amzn-requestid: e7f9048b-7b8a-4e69-954f-31a7be2548e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bRUl5HvRoAMFy0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636a0158-063e221d1d6a4dac5f42ec48;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 07:12:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Fu14fmRDqxHs_RHrfXZRez5LnYW6HNuD-AvFDdzQwsxa1BPBFEqh-A==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:35:56 GMT
age: 8425
etag: "1651325ad361d1c86a4b81edb6b75af27f490a39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F818b8415-26b4-4768-a1f1-8eafa6e11c16.webp | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F818b8415-26b4-4768-a1f1-8eafa6e11c16.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb76f3ae29d447b9c8938462c4adb6463 f22e89c145d1ede9e3d731e6748bfe338c1a0d6b b5bf1a0416425ffef9f3b0954c7c4659e33ab1dacfb812e8308e2095dd1bc409
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F818b8415-26b4-4768-a1f1-8eafa6e11c16.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7414
x-amzn-requestid: ff411645-d77f-4ef2-a175-c534bcd21f28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM2cjFwqIAMFxgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63683783-552038846aadb8be53bb3ea1;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:38:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ivVEyCNKURmHSP1rbwcmv3mUrpIJ13B7LGsFzYYufJIMx2I5aZXY3g==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 06:40:52 GMT
age: 83729
etag: "f22e89c145d1ede9e3d731e6748bfe338c1a0d6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4af82634a56d0978c9b4689c8b7eb8ae 4b40ef08bd37cabfcb937053dd58012abdd6620f 476a9f850cfbe41adea1d699fdf4f04424674c53b268681fa6fc0e226bed0797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6318
x-amzn-requestid: 6469c84d-fc45-470e-a438-2fb81dae70c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtyHpXoAMFfWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff1-53ab9291301773c048f69696;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w-ycM-G6gAU8xssl0r8gTPLLLimSjv4M5VUONl8bynl_A2EzlmXoaw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:53:51 GMT
age: 7350
etag: "4b40ef08bd37cabfcb937053dd58012abdd6620f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcd5bdc050716bb76afe8090fc81617e7 5109c156b180727767fc03c411190ccc0d3fb5fc 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:57 GMT
age: 29424
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashfce6ee26d25c8bbf7f96d76b9c2a53ea 57a5c03ccb680af38a8a02cc52c30e22566a57a5 31799991bc62dc8503aa1e8f625b6bb1a723e8e70162118632fa976f61636701
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166934
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Etag: "6373131c-116"
Expires: Thu, 17 Nov 2022 04:18:36 GMT
Last-Modified: Tue, 15 Nov 2022 04:18:36 GMT
Server: nginx
Content-Length: 278
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash0c17098ac76d144a526de29b7dec1666 b552f24ab59f5a688367090e366b6fb69242e7f3 ed7724f82f73fb40781ac8435b2688b236fb0bb3a3219fcb8bdbd83b75fcc863
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3733
Cache-Control: max-age=159917
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Etag: "6372e91e-1d7"
Expires: Thu, 17 Nov 2022 02:21:39 GMT
Last-Modified: Tue, 15 Nov 2022 01:19:26 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashb2d6aeeb303eaefc4cc6900e30da3b1b 4c3c027013211aa1b987006d0eb6c72f18c6a657 f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash8094f6d66cd067b92b99cc3c1ec916c6 cdb6d27ace38846e7a770dafce189f90a30db886 f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash6195246ecec581994773ce69a4c8623b 1f7da0242fae22c9f82056dc3fdaafec05071ff8 8a73e40d807467d70329aa95b265ba9850eb7df33821a9c7ea20197164aca51a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=119794
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Etag: "63725af8-116"
Expires: Wed, 16 Nov 2022 15:12:56 GMT
Last-Modified: Mon, 14 Nov 2022 15:12:56 GMT
Server: nginx
Content-Length: 278
|
|
| www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC | 142.250.74.164 | 200 OK | 584 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC IP142.250.74.164:0
File typeASCII text, with very long lines (884), with no line terminators Hashc954de798a18f948c4b0ed9efc52f3fd e1fc26500b99055d0b5dc01f1843c8aeb1a85b7d a676ac9f6704b5be451cd9de568d802360f39bc5bae067de5d59a7df4f2694a1
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 15 Nov 2022 05:56:22 GMT
date: Tue, 15 Nov 2022 05:56:22 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2f6da97df24a112979fa925fa119442f 5fd03261108f581acc37619647e0fa5a2e237cd2 8e0e37275dfe8bd49d129c6920d8f8120ed14f1119b29a08866345a044acabdd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141762
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Etag: "6372b0c8-1d7"
Expires: Wed, 16 Nov 2022 21:19:04 GMT
Last-Modified: Mon, 14 Nov 2022 21:19:04 GMT
Server: nginx
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashe99acf1d37e51d66a2003e9ea7f81b71 804d8662e9bc73fa60929cdf219193aa382518de 93742cd630a83f3d88f08dc15f7ad86b76e6549d09f1809d3446ee5f035c8992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: max-age=86287
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Etag: "6371c19c-118"
Expires: Wed, 16 Nov 2022 05:54:29 GMT
Last-Modified: Mon, 14 Nov 2022 04:18:36 GMT
Server: ECS (amb/6B8B)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashb2d6aeeb303eaefc4cc6900e30da3b1b 4c3c027013211aa1b987006d0eb6c72f18c6a657 f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| secure.mlstatic.com/sdk/javascript/v1/mercadopago.js | 23.36.79.8 | 200 OK | 9.1 kB |
URL HTTP/1.1secure.mlstatic.com/sdk/javascript/v1/mercadopago.js IP23.36.79.8:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with very long lines (25829), with no line terminators Hash13e3cc8ff400bf1da09ba98065151e4a 05da8917634372f71cd2f851e42129fecfb2f45f 9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36
GET /sdk/javascript/v1/mercadopago.js HTTP/1.1
Host: secure.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "825262-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: d2e52704-7958-472c-b559-cac792b41f98
X-Request-Device-Id: d2e52704-7958-472c-b559-cac792b41f98
X-D2id: d2e52704-7958-472c-b559-cac792b41f98
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Tue, 15 Nov 2022 05:56:22 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash9d9493125a22b98bd2ac3a1b11cc0a12 8334175b79551b1e0592f63eb606543c915983a2 a583076207a416f2ccbb70821bc5185bb6b8e86180221014638af5af3b34a7fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ IP142.250.74.35:0
Hash41a28ec667abd0b8ab7419862750b36b 899c3f5b4a4aa8bad0eab05a4765ceba992e2858 e32c52449772f6888430470fb11c934f710308479a82c3ff86cefa2a6da62a24
POST /s/gts1d4/T24lFG9LNcQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| js.upnid.com/v0.js | 130.211.14.112 | 200 OK | 8.3 kB |
IP130.211.14.112:0
File typeUnicode text, UTF-8 text, with very long lines (23050) Hash49fa980f95bb3bbff8b7a2857a727d5d 9e931943f03079522318820948018d78610eaca4 4e295d58275798f67bf7b9c48b8cae16238c9a3dabca082238e7bab8eaa34943
GET /v0.js HTTP/1.1
Host: js.upnid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin
content-encoding: br
via: 1.1 google
content-length: 8310
date: Tue, 15 Nov 2022 04:40:50 GMT
age: 4532
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| assets.pagar.me/js/pagarme.min.js | 151.101.65.63 | 200 OK | 23 kB |
URL HTTP/2assets.pagar.me/js/pagarme.min.js IP151.101.65.63:0
File typeUnicode text, UTF-8 text, with very long lines (33502) Hash5794079a2ac38ffdb52e3747f67808fb 8be6d5ed519240636e98ae1654beaaf0a84b56a5 8adb2c70ed44e150eede464cf3189af85693bd1b00661751ac6ae6947dde01a3
GET /js/pagarme.min.js HTTP/1.1
Host: assets.pagar.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
etag: "588a4514-14a9c"
last-modified: Thu, 26 Jan 2017 18:51:00 GMT
server: nginx
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
accept-ranges: bytes
date: Tue, 15 Nov 2022 05:56:22 GMT
age: 2769
x-served-by: cache-bfi-krnt7300061-BFI, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 17, 1
vary: Accept-Encoding
content-length: 22802
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hashafb724c16044315add6715c51f0f641f 266389c3fb14d97d3f80cb270015a51fcd8cb053 b921f0164d2b7e8d5cd6aa00a5e2c5005a367594b7bdae3f8deec5eaafe7e2c6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123018
Date: Tue, 15 Nov 2022 05:56:22 GMT
Etag: "63726790-1d7"
Expires: Wed, 16 Nov 2022 16:06:40 GMT
Last-Modified: Mon, 14 Nov 2022 16:06:40 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8-gycMs03EV30160wgtUcvH980Bo132h0G651CX6kguhf5W4S1qIyQ==
|
|
| assets.moip.com.br/v2/moip-2.7.1.min.js | 54.230.111.8 | 403 Forbidden | 919 B |
URL HTTP/2assets.moip.com.br/v2/moip-2.7.1.min.js IP54.230.111.8:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash59cba08e16834c894536b3b9e791a106 6b12be979a267405c763e74d67dcc2af541b6ab6 3752ade7625ada662d8c35a3921ae1ce58b91c35752b582787103867d1742908
GET /v2/moip-2.7.1.min.js HTTP/1.1
Host: assets.moip.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: text/html
content-length: 919
x-cache: Error from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dPeVDn1QznpuKmkcKgJgMIEc7OY7m0yXWlMgMqWiEJHJfIO5KF2rPQ==
X-Firefox-Spdy: h2
|
|
| images.yampi.me/assets/stores/cleanskinbr2/uploads/testimonies/61fc24f4d7e30.jpg | 172.67.72.14 | 200 OK | 4.5 kB |
URL HTTP/2images.yampi.me/assets/stores/cleanskinbr2/uploads/testimonies/61fc24f4d7e30.jpg IP172.67.72.14:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data Hashdf9cdc05e0944f57db3ad039017304a9 00c63dba48003764b9778cc2c72cb1a11bc59bbd a1fe70aa35e6aa86ad7dedc8ab127f83b5ef8bf08d13e0b4dfa37d1c6460c58c
GET /assets/stores/cleanskinbr2/uploads/testimonies/61fc24f4d7e30.jpg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: image/jpeg
content-length: 4518
x-amz-id-2: 697aXgwMBsIM6SSZJdZcwOvyIdwZ78uKI/vCA14zoqUotLDqoEcO6ac6Qc+QA3vPzMbJpDAgP2k=
x-amz-request-id: ZPCX37BVQ39Y2PEG
last-modified: Thu, 15 Sep 2022 13:22:01 GMT
x-amz-version-id: B6taROcsvLEW.sziGCSjU0z9lsbNFUXn
etag: "df9cdc05e0944f57db3ad039017304a9"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ%2F1wZjiDaLIMSZheN5WSTXFK2stVuDaNP52JWkc9%2FTWd2mAVP0FxOFO38EeuLl%2BMGNB9F2eG5ZsRYoaPQ%2BVWBKy2jnmZQR%2FlqQRT0UQJqseEkbjYqfOPwZe%2BPE0HjPaNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be49dbac0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| images.yampi.me/assets/stores/cleanskinbr2/uploads/testimonies/61fc24fcea7a3.jpg | 172.67.72.14 | 200 OK | 4.5 kB |
URL HTTP/2images.yampi.me/assets/stores/cleanskinbr2/uploads/testimonies/61fc24fcea7a3.jpg IP172.67.72.14:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data Hashdf9cdc05e0944f57db3ad039017304a9 00c63dba48003764b9778cc2c72cb1a11bc59bbd a1fe70aa35e6aa86ad7dedc8ab127f83b5ef8bf08d13e0b4dfa37d1c6460c58c
GET /assets/stores/cleanskinbr2/uploads/testimonies/61fc24fcea7a3.jpg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: image/jpeg
content-length: 4518
x-amz-id-2: xkqO288Wz2Hg14BgYwfGsZaZR2i0yMIcUGZX8ROlQI+B7ANYz1uUIAV1nBfmajYiawxL2MXypec=
x-amz-request-id: ZPCTS90WD21ER201
last-modified: Thu, 15 Sep 2022 13:22:02 GMT
x-amz-version-id: VCYPOX4SQiGhSChHMaqZQ5GxOq6OOlEg
etag: "df9cdc05e0944f57db3ad039017304a9"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMkcLGI9GkqPBy%2BIw%2B1BsReGpVFLOKdBXUOO9KY1cKZbdTjplICzAPtdlkZoejTIKyoyR503wq7T1V6b3QA695C%2FZSyEwA1OE3hZoInDi90fV5W9gRAlqm%2FwOT4WLw5KBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be49dbab0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| images.yampi.me/assets/stores/cleanskinbr2/uploads/testimonies/61fc24ede49c0.jpg | 172.67.72.14 | 200 OK | 4.5 kB |
URL HTTP/2images.yampi.me/assets/stores/cleanskinbr2/uploads/testimonies/61fc24ede49c0.jpg IP172.67.72.14:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data Hashdf9cdc05e0944f57db3ad039017304a9 00c63dba48003764b9778cc2c72cb1a11bc59bbd a1fe70aa35e6aa86ad7dedc8ab127f83b5ef8bf08d13e0b4dfa37d1c6460c58c
GET /assets/stores/cleanskinbr2/uploads/testimonies/61fc24ede49c0.jpg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: image/jpeg
content-length: 4518
x-amz-id-2: a5G08NR73Zo+NCbfD3RpVqyh43XJMm8ar9l0N+0d5KkAn6RzbEzIFr0sJZiA3xrd07/deg6j2oE=
x-amz-request-id: ZPCZMV4GEET6G20S
last-modified: Thu, 15 Sep 2022 13:22:02 GMT
x-amz-version-id: kKIMsonZKTEIL6uKHVTyuB9xnfQLa8YY
etag: "df9cdc05e0944f57db3ad039017304a9"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTveoY8LPZAzKWhgP%2B%2BmwNW78g0sEUkvo2kRz73KbVqSkh3Z1OLVbpYx6JMzqSmTmW6En0WRRHrrgfjymy23e%2F522q6PDScjPepnNirrx3YACjS2n%2Bk5nS9hsOCPdD9flg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be49dbb00b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/T24lFG9LNcQ IP142.250.74.35:0
Hash41a28ec667abd0b8ab7419862750b36b 899c3f5b4a4aa8bad0eab05a4765ceba992e2858 e32c52449772f6888430470fb11c934f710308479a82c3ff86cefa2a6da62a24
POST /s/gts1d4/T24lFG9LNcQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| images.yampi.me/assets/stores/cleanskinbr2/uploads/images/rosa-selvagem-acido-1-und-61aa603940aaa-thumb.png | 172.67.72.14 | 200 OK | 34 kB |
URL HTTP/2images.yampi.me/assets/stores/cleanskinbr2/uploads/images/rosa-selvagem-acido-1-und-61aa603940aaa-thumb.png IP172.67.72.14:0
File typePNG image data, 290 x 387, 8-bit/color RGBA, non-interlaced\012- data Hash1c864d45cb560bc72979b18e43f292b2 e777a4c7f5759d4178f716e818b5f1da224bb343 27f492caf7a8241fa5749b10cd9216fdcb58e2aaaadfd9784b155f4b51183dab
GET /assets/stores/cleanskinbr2/uploads/images/rosa-selvagem-acido-1-und-61aa603940aaa-thumb.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: image/png
content-length: 34038
x-amz-id-2: A41JeRPhGMJMwovEde/sECNVY0eQvfH61iuQVr5jk8U8cwImxgOx41M7ksfaUMIZj0zTKkGQ5SA=
x-amz-request-id: ZPCMSBW05AS478GX
last-modified: Fri, 03 Dec 2021 18:21:47 GMT
x-amz-version-id: qY4K.N1EVFjM5yp1xP79qJjgB4kXW8lg
etag: "1c864d45cb560bc72979b18e43f292b2"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQUyDuFRgoPXFlEK4rOXCUH9DI%2B506Od1ihUh5J6JyJxUfuYFfchfzcqNAdbTi%2BpGMaypnz9aRMRlWTBDoVWnZICqmUWaFOPH2wObFHRc%2FcQoM0L5%2FQqUCDzbHkCxRoGzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be49dbad0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets.moip.com.br/v2/moip-2.7.1.min.js | 54.230.111.8 | 403 Forbidden | 919 B |
URL HTTP/2assets.moip.com.br/v2/moip-2.7.1.min.js IP54.230.111.8:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash363f3e0b307175ba0f80fd9abc23fb41 28e26d1c258579dc24d4e985a9ff1e5ee2c953ae 621a21b8eb5cc7e9bb0839042b55312ae5dd33ae26d4dfef88dd81a85cd136f6
GET /v2/moip-2.7.1.min.js HTTP/1.1
Host: assets.moip.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: CloudFront
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: text/html
content-length: 919
x-cache: Error from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQOwA_LcGuNUQeWqSyEmTA4C68NmKPW9q-9lJAY1-GOuELSPZ2Kljg==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash6ea606a3c83b6b14b9375c84e37870d8 d73a898c2f3eba8e71d6d4f675c47107df0a5795 0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash6ea606a3c83b6b14b9375c84e37870d8 d73a898c2f3eba8e71d6d4f675c47107df0a5795 0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 | 216.58.207.195 | 200 OK | 34 kB |
URL HTTP/2fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data Hash848cd2ecd011428969dc6b90431bc482 6b1a7b562a56bd54510e0f6f95e26babca331a1b 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:38:57 GMT
expires: Fri, 10 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 375446
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash6ea606a3c83b6b14b9375c84e37870d8 d73a898c2f3eba8e71d6d4f675c47107df0a5795 0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcd1113247f563974057d4e22ddc6d740 df60962e3081b0c2e7cf64527fd0441a68ef693a b66e63d6512e05d9887ceaa3fa0884e4c9439a9095b9d016cd237bc0eeb1ecdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1170
Cache-Control: max-age=162017
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Etag: "6372fb56-1d7"
Expires: Thu, 17 Nov 2022 02:56:40 GMT
Last-Modified: Tue, 15 Nov 2022 02:37:10 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcd1113247f563974057d4e22ddc6d740 df60962e3081b0c2e7cf64527fd0441a68ef693a b66e63d6512e05d9887ceaa3fa0884e4c9439a9095b9d016cd237bc0eeb1ecdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1170
Cache-Control: max-age=162017
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Etag: "6372fb56-1d7"
Expires: Thu, 17 Nov 2022 02:56:40 GMT
Last-Modified: Tue, 15 Nov 2022 02:37:10 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcd1113247f563974057d4e22ddc6d740 df60962e3081b0c2e7cf64527fd0441a68ef693a b66e63d6512e05d9887ceaa3fa0884e4c9439a9095b9d016cd237bc0eeb1ecdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160847
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Etag: "6372fb56-1d7"
Expires: Thu, 17 Nov 2022 02:37:10 GMT
Last-Modified: Tue, 15 Nov 2022 02:37:10 GMT
Server: nginx
Content-Length: 471
|
|
| api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.rosaselvagemacido.com | 54.165.15.136 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.rosaselvagemacido.com IP54.165.15.136:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/devices/widgets?referer=https%3A//seguro.rosaselvagemacido.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.rosaselvagemacido.com/
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: application/json
content-length: 0
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.rosaselvagemacido.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-request-id: 2744b662-d355-40a7-9cd5-c11b38e9828f
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/device_sessions/web_device | 54.165.15.136 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/device_sessions/web_device IP54.165.15.136:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.rosaselvagemacido.com/
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.rosaselvagemacido.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 016d85c7-a822-4d8e-b18a-55c98e59154b
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-93,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: c1a42a86cf2b8296
x-b3-traceid: c1a42a86cf2b8296
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-93: TwNU9hmJLdirq4MqbqRnnO6gXpOSBvx2MEEjsj94wqLZ/kn42jds8o9KRIzt8pGX
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash5b969fad3aaf6b9444866e84529966ba b9e750406416ce66f83c962e39b194cfb1634277 17664a5bcbe582b16c150629697814d46ed806ad024865cb8db485ada3ea7726
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142242
Date: Tue, 15 Nov 2022 05:56:23 GMT
Etag: "63729cfe-1d7"
Expires: Wed, 16 Nov 2022 21:27:05 GMT
Last-Modified: Mon, 14 Nov 2022 19:54:38 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: auMFmUFKG7ri4a2REIcREliLHca-oxSWsFg7AnZXJwlNEq2ueWy9Ow==
Age: 5547
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash49746c978b728b356c9fa6e79004bff4 07dd18d68bada9e4f10831f63096b07d1a473464 d2c450101cb49f59fd22a5a26ec9a4412f5b5090485036849624dcc9a0decd76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1255
Cache-Control: max-age=163514
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:23 GMT
Etag: "637300da-1d7"
Expires: Thu, 17 Nov 2022 03:21:37 GMT
Last-Modified: Tue, 15 Nov 2022 03:00:42 GMT
Server: ECS (amb/6BA5)
X-Cache: HIT
Content-Length: 471
|
|
| cdn.yampi.io/ana/ana.min.js?t=1668556800000 | 104.18.15.227 | 200 OK | 82 kB |
URL HTTP/2cdn.yampi.io/ana/ana.min.js?t=1668556800000 IP104.18.15.227:0
Hashe655e69564243e04f57b17d96711f9f2 e33f462478ac2cbed22dcd7cc677a94495d8d91b d6e40227226d2a31d8c0fd24f7179981221fdecffe7b9f8b1fd1b0ed0c7517b5
GET /ana/ana.min.js?t=1668556800000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: application/javascript
x-amz-id-2: MQCmjdIbe8dG+PfuORTFrmubS+GaXZSalv9Ngo+6xtmcSXpOM9JHd+uNjrfrxlFNvsjkUS4Wh50=
x-amz-request-id: Q84YKFT7HMP29Y2T
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 868
expires: Wed, 15 Nov 2023 05:56:23 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be4d2cbdb512-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/etid | 54.230.111.112 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/etid IP54.230.111.112:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Tue, 15 Nov 2022 05:56:24 GMT
server: Tengine
set-cookie: _d2id=3492b425-f823-4eff-8971-0e766701879b-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 15 Nov 2023 05:56:24 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: c04b092a-abf3-4db0-a7f5-38221a48148b-1668491784187
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 3492b425-f823-4eff-8971-0e766701879b
x-request-device-id: 3492b425-f823-4eff-8971-0e766701879b
x-d2id: 3492b425-f823-4eff-8971-0e766701879b
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: leJYFrCzDo8x_yE57bNcIqQXn5ed5T-gKIwu7inGXyIRXtwfQKiJzg==
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/device_sessions/web_device | 54.165.15.136 | 200 OK | 12 kB |
URL HTTP/2api.mercadopago.com/v1/device_sessions/web_device IP54.165.15.136:0
File typeJSON data\012- HTML document, ASCII text, with very long lines (40662), with no line terminators Hashd2f5e2943dd0b077d9207582701ef22e 9cc2f30342094eddb7a2e07f7e1e868cc83107e0 884fb233f3a76c0bf46bbcf2e11d57f76d27057149c7ddd1959676aaf4f80306
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.rosaselvagemacido.com
x-request-id: 1806f86a-57d0-484b-86ad-4d58f82a53c8
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-28,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 092c1cf55fb557fd
x-b3-traceid: 092c1cf55fb557fd
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-digest-28: l+usIAwT5jWHoJbui5KYUciGuQd6zrxoOuK6mnhvu3MTl7AJ1ep5pDEOUOSycPJA
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1668491783678;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 671 B |
IP93.184.220.29:0
Hashcf84e214032078098ec9344d9328c53f 02a371100572133cd9b2f9902491dbd0791bea88 9590cb12966218378cb17c0d81c7280cc2da2ccf2aeba4d13d40a5adeeb3455c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1591
Cache-Control: max-age=169626
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Etag: "6373176b-1d7"
Expires: Thu, 17 Nov 2022 05:03:30 GMT
Last-Modified: Tue, 15 Nov 2022 04:36:59 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash1af800aa2b326e8af0f2640db68a7a0d 4c617814f5c705737bf4bf111c53bf40bb932af5 594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash9b78d5e90f1f6c22f03d462e20f29106 bfdc283d056d094231348cc88f9d463ecef2c030 e5bd7f7445499ac922349f07d76580ebc8219e04062cac1bf7ce7d8b1e816501
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash44ecaa3c2a4929a40141edc4540aaf84 f29a573182333b2500d41bfc389d6c5232dfb348 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: +OkIG2Urtprjj3tKjTOkn9qeD4gxjI+Wwe54gp3zEjzP0xkjZ2aY1xHT0PEiUPBbjvONU5PYHFTpqPeq0WgjNA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 2074150462
date: Tue, 15 Nov 2022 05:56:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 04:41:09 GMT
expires: Tue, 15 Nov 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 4515
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js | 142.250.74.163 | 200 OK | 409 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (668) Size409 kB (408610 bytes) Hash5e4857e008de71aa0e33e9cd123d008e 307c748fabe2497c790a20dcacde300ff7e20749 fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f
GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 408610
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 23:36:34 GMT
expires: Tue, 14 Nov 2023 23:36:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 22790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 216.58.207.237 | 302 Found | 395 B |
URL HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP216.58.207.237:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380) Hash7f29906f5aeaed9b220bd4cd0a76ba2c 6ee5cec4c8bd17dd7c27983ac7d94bb36f0622c2 13812d6521f3e7d14d72730ea838c5e69ef967fdf3dba67c638f9c800632b618
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Nov 2022 05:56:24 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-704275441%3A1668491784466295&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu6nzCMe3jlNa02tpf89DSv1F56MB4jBS5rGG03LViONaSFMAmEvJXxi-T6qV4U6fjrV_1HTA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-kRJJKVt8CJA3fdnElkLLOw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:DpZVJaUXEIMotmRIb_iLVu_wEQzxiw:JD6t8BRUHae-Wgm6;Path=/;Expires=Thu, 14-Nov-2024 05:56:24 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash39ed54d118ae43c615b5efd6cf46ac6f 05484ec9c0b28f3f662897b85f5a0d61ae0387f3 81f3958a1abfdd416fe8d78ab4b377d680aa9c957e1435a1f8b481883bad7f96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2918
Cache-Control: max-age=170953
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Etag: "6373176b-1d7"
Expires: Thu, 17 Nov 2022 05:25:37 GMT
Last-Modified: Tue, 15 Nov 2022 04:36:59 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=2141370693&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Rosa%20Selvagem%20%C3%81cido&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEATAAAAACAAI~&jid=300510379&gjid=858640686&cid=953467880.1668491784&tid=UA-215217484-1&_gid=1706907655.1668491784&_r=1&_slc=1&z=834398448 | 142.250.74.174 | 200 OK | 4 B |
URL HTTP/2www.google-analytics.com/j/collect?v=1&_v=j98&a=2141370693&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Rosa%20Selvagem%20%C3%81cido&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEATAAAAACAAI~&jid=300510379&gjid=858640686&cid=953467880.1668491784&tid=UA-215217484-1&_gid=1706907655.1668491784&_r=1&_slc=1&z=834398448 IP142.250.74.174:0
File typeASCII text, with no line terminators Hash9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=2141370693&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Rosa%20Selvagem%20%C3%81cido&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEATAAAAACAAI~&jid=300510379&gjid=858640686&cid=953467880.1668491784&tid=UA-215217484-1&_gid=1706907655.1668491784&_r=1&_slc=1&z=834398448 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://seguro.rosaselvagemacido.com
date: Tue, 15 Nov 2022 05:56:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=2141370693&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Rosa%20Selvagem%20%C3%81cido&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEHAAEATAAAAACAAI~&jid=90460031&gjid=280751560&cid=953467880.1668491784&tid=UA-45745009-5&_gid=1706907655.1668491784&_r=1&_slc=1&z=2027292198 | 142.250.74.174 | 200 OK | 4 B |
URL HTTP/2www.google-analytics.com/j/collect?v=1&_v=j98&a=2141370693&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Rosa%20Selvagem%20%C3%81cido&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEHAAEATAAAAACAAI~&jid=90460031&gjid=280751560&cid=953467880.1668491784&tid=UA-45745009-5&_gid=1706907655.1668491784&_r=1&_slc=1&z=2027292198 IP142.250.74.174:0
File typeASCII text, with no line terminators Hash9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=2141370693&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Rosa%20Selvagem%20%C3%81cido&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEHAAEATAAAAACAAI~&jid=90460031&gjid=280751560&cid=953467880.1668491784&tid=UA-45745009-5&_gid=1706907655.1668491784&_r=1&_slc=1&z=2027292198 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://seguro.rosaselvagemacido.com
date: Tue, 15 Nov 2022 05:56:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 471 B |
IP142.250.74.35:0
Hash1af800aa2b326e8af0f2640db68a7a0d 4c617814f5c705737bf4bf111c53bf40bb932af5 594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash68a04663a52ab4272c25f5afcc09a92d 48b0722227353d06cb1dfd4480b644be6e6fc030 892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash68a04663a52ab4272c25f5afcc09a92d 48b0722227353d06cb1dfd4480b644be6e6fc030 892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-215217484-1&cid=953467880.1668491784&jid=300510379&gjid=858640686&_gid=1706907655.1668491784&_u=IEBAAEASAAAAACAAI~&z=891893208 | 142.251.1.155 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-215217484-1&cid=953467880.1668491784&jid=300510379&gjid=858640686&_gid=1706907655.1668491784&_u=IEBAAEASAAAAACAAI~&z=891893208 IP142.251.1.155:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-215217484-1&cid=953467880.1668491784&jid=300510379&gjid=858640686&_gid=1706907655.1668491784&_u=IEBAAEASAAAAACAAI~&z=891893208 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.rosaselvagemacido.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Nov 2022 05:56:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=953467880.1668491784&jid=90460031&gjid=280751560&_gid=1706907655.1668491784&_u=IEHAAEATAAAAACAAI~&z=1264815774 | 142.251.1.155 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=953467880.1668491784&jid=90460031&gjid=280751560&_gid=1706907655.1668491784&_u=IEHAAEATAAAAACAAI~&z=1264815774 IP142.251.1.155:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=953467880.1668491784&jid=90460031&gjid=280751560&_gid=1706907655.1668491784&_u=IEHAAEATAAAAACAAI~&z=1264815774 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.rosaselvagemacido.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Nov 2022 05:56:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash68a04663a52ab4272c25f5afcc09a92d 48b0722227353d06cb1dfd4480b644be6e6fc030 892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61aa705ceb9a0/61aa705ceb9a9.png | 52.95.164.112 | 200 OK | 151 kB |
URL HTTP/1.1s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61aa705ceb9a0/61aa705ceb9a9.png IP52.95.164.112:0
File typePNG image data, 770 x 462, 8-bit/color RGBA, non-interlaced\012- data Size151 kB (150858 bytes) Hash8df836d0f839edd2c20dc1fffd126d4d bee35a3573c638f2128fd0cfd4a75722e4a617ff 4e96ac4235c7d9788a923a525cf4f313ea4a6c8ea19a2cd7a74bec00a4c42e21
GET /king-assets.yampi.me/dooki/61aa705ceb9a0/61aa705ceb9a9.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FBFaPde2MnkOex8ufHJQnQfkH4EzjZkuMzwgy/+Ne7sW+rlPH6QhAcwD7yzyc+EP8lSyYGgTD9c=
x-amz-request-id: 5795JRERMYW4AHMW
Date: Tue, 15 Nov 2022 05:56:24 GMT
Last-Modified: Fri, 03 Dec 2021 19:30:37 GMT
ETag: "8df836d0f839edd2c20dc1fffd126d4d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 150858
|
|
| www.facebook.com/tr/?id=271637861586365&ev=PageView&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&rl=&if=false&ts=1668491784867&cd[content_ids]=%5B%2235639517%22%5D&cd[content_type]=product_group&cd[value]=132.3&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=29&fbp=fb.1.1668491784866.36799499&it=1668491784324&coo=false&eid=PageView_wnfix1qzg&rqm=GET | 31.13.72.36 | 200 OK | 86 kB |
URL HTTP/2www.facebook.com/tr/?id=271637861586365&ev=PageView&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&rl=&if=false&ts=1668491784867&cd[content_ids]=%5B%2235639517%22%5D&cd[content_type]=product_group&cd[value]=132.3&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=29&fbp=fb.1.1668491784866.36799499&it=1668491784324&coo=false&eid=PageView_wnfix1qzg&rqm=GET IP31.13.72.36:0
File typegzip compressed data, from Unix\012- data Hashf45e6a20672bb1462ce6dab11ae220ba eafcbca1a7905330e78bd2087b0a6c4d359ff9be e37a022d5de93171726b18f510008f506a58c40593a2dafe37a331fa9d433a88
GET /tr/?id=271637861586365&ev=PageView&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&rl=&if=false&ts=1668491784867&cd[content_ids]=%5B%2235639517%22%5D&cd[content_type]=product_group&cd[value]=132.3&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=29&fbp=fb.1.1668491784866.36799499&it=1668491784324&coo=false&eid=PageView_wnfix1qzg&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Nov 2022 05:56:25 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=271637861586365&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&rl=&if=false&ts=1668491784868&cd[content_ids]=%5B%2235639517%22%5D&cd[content_type]=product_group&cd[value]=132.3&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=29&fbp=fb.1.1668491784866.36799499&it=1668491784324&coo=false&eid=InitiateCheckout_eonj59ebt&tm=1&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=271637861586365&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&rl=&if=false&ts=1668491784868&cd[content_ids]=%5B%2235639517%22%5D&cd[content_type]=product_group&cd[value]=132.3&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=29&fbp=fb.1.1668491784866.36799499&it=1668491784324&coo=false&eid=InitiateCheckout_eonj59ebt&tm=1&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=271637861586365&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.rosaselvagemacido.com%2Fcheckout%2Faddress&rl=&if=false&ts=1668491784868&cd[content_ids]=%5B%2235639517%22%5D&cd[content_type]=product_group&cd[value]=132.3&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=29&fbp=fb.1.1668491784866.36799499&it=1668491784324&coo=false&eid=InitiateCheckout_eonj59ebt&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Nov 2022 05:56:25 GMT
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-spa-1216.min.js | 151.101.86.137 | 200 OK | 18 kB |
URL HTTP/2js-agent.newrelic.com/nr-spa-1216.min.js IP151.101.86.137:0
File typeASCII text, with very long lines (32010) Hash6561a2403142205f966207d61576f1a6 1310e72f494e12ab63a4280fc1600a2c89dc9bb8 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Nov 2022 05:56:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 120
x-timer: S1668491785.109656,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2c77e6ed0e4f0012e484b60994b3eec9 8498de56cd9327ed7ec3758f00564cf1b27e7610 0d9c935cde3a63db16ae5d2dbe5b78b49aaf9dae5801e5aae7c00741efd2b196
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5737
Cache-Control: max-age=147851
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:25 GMT
Etag: "6372b22b-1d7"
Expires: Wed, 16 Nov 2022 23:00:36 GMT
Last-Modified: Mon, 14 Nov 2022 21:24:59 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2c77e6ed0e4f0012e484b60994b3eec9 8498de56cd9327ed7ec3758f00564cf1b27e7610 0d9c935cde3a63db16ae5d2dbe5b78b49aaf9dae5801e5aae7c00741efd2b196
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4547
Cache-Control: max-age=146661
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:25 GMT
Etag: "6372b22b-1d7"
Expires: Wed, 16 Nov 2022 22:40:46 GMT
Last-Modified: Mon, 14 Nov 2022 21:24:59 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 471
|
|
| s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61aa6b2c81300/61aa6b2c81305.png | 52.95.164.112 | 200 OK | 89 kB |
URL HTTP/1.1s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61aa6b2c81300/61aa6b2c81305.png IP52.95.164.112:0
File typePNG image data, 512 x 307, 8-bit/color RGBA, non-interlaced\012- data Hash7d9930a524f9aa8caa06ddf070d77f3d c5bb45a99848bafee68ce4e4efbd13ff428f3b0d 7918fec4f90e1c73d3189996711fae35442b7a073bbff4263a84cde7b8e99d7d
GET /king-assets.yampi.me/dooki/61aa6b2c81300/61aa6b2c81305.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: EbkFJ/cjMBOQSRDvmxC3gqCLASzGPOSnhOYAiA8/8MhepV/RRSgP5boB6M7488x7IWY4SnMrG2U=
x-amz-request-id: AQP61YRZ644K5QP5
Date: Tue, 15 Nov 2022 05:56:26 GMT
Last-Modified: Fri, 03 Dec 2021 19:08:29 GMT
ETag: "7d9930a524f9aa8caa06ddf070d77f3d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 88915
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd96fba17b1f528e0e6f4a01e886446ed edc5b2d8e2df86e9610df5404390ea52e52dc93f 9efa0944bbe2a5971367a32ae98866d8c1c54fc4507170a7d1884a473123c1ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5047
Cache-Control: max-age=151130
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 05:56:25 GMT
Etag: "6372c1ac-1d7"
Expires: Wed, 16 Nov 2022 23:55:15 GMT
Last-Modified: Mon, 14 Nov 2022 22:31:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6624&ck=1&ref=https://seguro.rosaselvagemacido.com/checkout/address&ap=231&be=3846&fe=6367&dc=4661&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668491778543,%22n%22:0,%22f%22:2541,%22dn%22:2541,%22dne%22:2541,%22c%22:2541,%22s%22:2541,%22ce%22:2541,%22rq%22:2543,%22rp%22:3820,%22rpe%22:3820,%22dl%22:3832,%22di%22:4549,%22ds%22:4660,%22de%22:4710,%22dc%22:6367,%22l%22:6367,%22le%22:6594%7D,%22navigation%22:%7B%7D%7D&fcp=4548&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 77 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6624&ck=1&ref=https://seguro.rosaselvagemacido.com/checkout/address&ap=231&be=3846&fe=6367&dc=4661&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668491778543,%22n%22:0,%22f%22:2541,%22dn%22:2541,%22dne%22:2541,%22c%22:2541,%22s%22:2541,%22ce%22:2541,%22rq%22:2543,%22rp%22:3820,%22rpe%22:3820,%22dl%22:3832,%22di%22:4549,%22ds%22:4660,%22de%22:4710,%22dc%22:6367,%22l%22:6367,%22le%22:6594%7D,%22navigation%22:%7B%7D%7D&fcp=4548&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hashf1442f5831dbbe0210da2d7a4180d6b8 2ade23c6c7a001c66f0c0a9a101ec152747b434e c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6624&ck=1&ref=https://seguro.rosaselvagemacido.com/checkout/address&ap=231&be=3846&fe=6367&dc=4661&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668491778543,%22n%22:0,%22f%22:2541,%22dn%22:2541,%22dne%22:2541,%22c%22:2541,%22s%22:2541,%22ce%22:2541,%22rq%22:2543,%22rp%22:3820,%22rpe%22:3820,%22dl%22:3832,%22di%22:4549,%22ds%22:4660,%22de%22:4710,%22dc%22:6367,%22l%22:6367,%22le%22:6594%7D,%22navigation%22:%7B%7D%7D&fcp=4548&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 05:56:26 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76a5be5d2aa2b4f9-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=eba45294f5e1f791; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=7571&ck=1&ref=https://seguro.rosaselvagemacido.com/checkout/address | 162.247.241.14 | 200 OK | 24 B |
URL HTTP/1.1bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=7571&ck=1&ref=https://seguro.rosaselvagemacido.com/checkout/address IP162.247.241.14:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashbc32ed98d624acb4008f986349a20d26 2d3df8c11d2168ce2c27e0937421d11d85016361 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=7571&ck=1&ref=https://seguro.rosaselvagemacido.com/checkout/address HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1150
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 05:56:26 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 76a5be604d4ab4f9-OSL
Access-Control-Allow-Origin: https://seguro.rosaselvagemacido.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
|
|
| api.mercadopago.com/v1/device_sessions/anonymous_device_session | 54.165.15.136 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/device_sessions/anonymous_device_session IP54.165.15.136:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.rosaselvagemacido.com/
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:26 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.rosaselvagemacido.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: dee2389f-6177-4ac8-8d5d-0e7d0d9ab50b
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-93,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: e6f0a0b1773f124f
x-b3-traceid: e6f0a0b1773f124f
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-93: y+9KdY82n/tYsD9AaCzpAekPvSmRCQKW2/u/VKP6fI706YRviitqQm/j9bgcc50O
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/jsuuid?current=faab6b2a-f83d-4efa-bbdb-e681a7237961-1668491785643 | 54.230.111.112 | 200 OK | 469 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/jsuuid?current=faab6b2a-f83d-4efa-bbdb-e681a7237961-1668491785643 IP54.230.111.112:0
Hash6f316fcca0463223f4c6238775922c90 6ddefc6efb949dba6ff8bc14864e36424506b11d 2c60b58e4db3609893ea5053c6cd049fff5f9f8e7d7dcc27f2fc5bb9cff6d1cc
GET /jms/lgz/background/jsuuid?current=faab6b2a-f83d-4efa-bbdb-e681a7237961-1668491785643 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70
Connection: keep-alive
Cookie: dsid=1afed578-2b3e-4f5e-83b2-c32366411ebb-1668491785662; edsid=e3d9fa30-84b5-476d-bba5-73f0febcd364-1668491785662
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 15 Nov 2022 05:56:26 GMT
server: Tengine
set-cookie: _d2id=3f805992-0f45-4f81-98ec-f2e73620ac16-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 15 Nov 2023 05:56:26 GMT
access-control-allow-origin: *
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 3f805992-0f45-4f81-98ec-f2e73620ac16
x-request-device-id: 3f805992-0f45-4f81-98ec-f2e73620ac16
x-d2id: 3f805992-0f45-4f81-98ec-f2e73620ac16
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8_ePd_mxEEZLwXr19XjiNZJi7O93zD-L26zgvV123Hf3MuqopellJg==
X-Firefox-Spdy: h2
|
|
| www.mercadolivre.com/jms/mlb/lgz/background/session/armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f?background=armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImQwZDVjYjY2LWQzYTktNDRlNi05MTI2LWJkM2U3OTczODU5MS0xNjY4NDkxNzg0MjA2IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjI3LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo5OSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjEsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjE1LCJ0b3RhbCI6MjE1fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D | 54.230.111.15 | 200 OK | 0 B |
URL HTTP/2www.mercadolivre.com/jms/mlb/lgz/background/session/armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f?background=armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImQwZDVjYjY2LWQzYTktNDRlNi05MTI2LWJkM2U3OTczODU5MS0xNjY4NDkxNzg0MjA2IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjI3LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo5OSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjEsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjE1LCJ0b3RhbCI6MjE1fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D IP54.230.111.15:0
GET /jms/mlb/lgz/background/session/armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f?background=armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImQwZDVjYjY2LWQzYTktNDRlNi05MTI2LWJkM2U3OTczODU5MS0xNjY4NDkxNzg0MjA2IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjI3LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo5OSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjEsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjE1LCJ0b3RhbCI6MjE1fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 15 Nov 2022 05:56:25 GMT
server: Tengine
set-cookie: _d2id=cc98b926-9f6a-408f-abb6-5c6bda10f526-n; Path=/; Domain=.mercadolivre.com; Expires=Wed, 15 Nov 2023 05:56:25 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 10
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: cc98b926-9f6a-408f-abb6-5c6bda10f526
x-request-device-id: cc98b926-9f6a-408f-abb6-5c6bda10f526
x-d2id: cc98b926-9f6a-408f-abb6-5c6bda10f526
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g55zaZmb0s75j6tuWNw0_z4vfmnsqSUKwKapiOhBf_ikSuQGBzltdQ==
X-Firefox-Spdy: h2
|
|
| www.mercadolivre.com/jms/mlb/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70?background=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImQwZDVjYjY2LWQzYTktNDRlNi05MTI2LWJkM2U3OTczODU5MS0xNjY4NDkxNzg0MjA2IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjI3LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo5OSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjEsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjE1LCJ0b3RhbCI6MjE1fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D | 54.230.111.15 | 200 OK | 0 B |
URL HTTP/2www.mercadolivre.com/jms/mlb/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70?background=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImQwZDVjYjY2LWQzYTktNDRlNi05MTI2LWJkM2U3OTczODU5MS0xNjY4NDkxNzg0MjA2IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjI3LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo5OSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjEsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjE1LCJ0b3RhbCI6MjE1fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D IP54.230.111.15:0
GET /jms/mlb/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70?background=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImQwZDVjYjY2LWQzYTktNDRlNi05MTI2LWJkM2U3OTczODU5MS0xNjY4NDkxNzg0MjA2IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjI3LCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo5OSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjEsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjE1LCJ0b3RhbCI6MjE1fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 15 Nov 2022 05:56:25 GMT
server: Tengine
set-cookie: _d2id=5568491a-de2e-47f2-9f71-eddaed9af2b3-n; Path=/; Domain=.mercadolivre.com; Expires=Wed, 15 Nov 2023 05:56:25 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 5568491a-de2e-47f2-9f71-eddaed9af2b3
x-request-device-id: 5568491a-de2e-47f2-9f71-eddaed9af2b3
x-d2id: 5568491a-de2e-47f2-9f71-eddaed9af2b3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ck_mvtyUDN6rJRfiLeN4g73f2lInbzj_TtBpQ626guUjSnxlLn_ISw==
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70 | 54.230.111.112 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70 IP54.230.111.112:0
GET /jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Tue, 15 Nov 2022 05:56:26 GMT
server: Tengine
set-cookie: _d2id=06b22da3-d499-4013-9c44-8b7f9e2f388c-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 15 Nov 2023 05:56:26 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 06b22da3-d499-4013-9c44-8b7f9e2f388c
x-request-device-id: 06b22da3-d499-4013-9c44-8b7f9e2f388c
x-d2id: 06b22da3-d499-4013-9c44-8b7f9e2f388c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jb3goIoJFzlOPAdUfMTiEFPP8FsxOLlPiO4u2TmkK_nMwfdf94rUtQ==
X-Firefox-Spdy: h2
|
|
| seguro.rosaselvagemacido.com/checkout/payment?cart_token=1b000e50-5ace-11ed-9d05-020f82a47782-63629f3e1af93&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=b715a3e5037ce6e74af670997737d24f70a8dff9&customerToken=f623e0c0-5ace-11ed-b60b-03efc0acb7d2 | 170.82.174.30 | 302 Found | 0 B |
URL HTTP/2seguro.rosaselvagemacido.com/checkout/payment?cart_token=1b000e50-5ace-11ed-9d05-020f82a47782-63629f3e1af93&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=b715a3e5037ce6e74af670997737d24f70a8dff9&customerToken=f623e0c0-5ace-11ed-b60b-03efc0acb7d2 IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
GET /checkout/payment?cart_token=1b000e50-5ace-11ed-9d05-020f82a47782-63629f3e1af93&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=b715a3e5037ce6e74af670997737d24f70a8dff9&customerToken=f623e0c0-5ace-11ed-b60b-03efc0acb7d2 HTTP/1.1
Host: seguro.rosaselvagemacido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 15 Nov 2022 05:56:20 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.rosaselvagemacido.com/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjJvOFJhQ0lOWFRja3dIQTJOUzNtTkE9PSIsInZhbHVlIjoiM3RPSTg1XC9QUkw5VWxhc0RYZWdTSk5PRG5YaW1JaW1aM0pFVVc4T2hLMkEwRUdVd1RGMnBZUHY4c0o2Nk8rdFdseXNRcjQrYlRiUnA2dis2QW43S3R3PT0iLCJtYWMiOiI2MzI0MWIzMmMyYzMwYjUwNGExZGNiZWFlOWEwODMxNGMxNmMyODE1NGNhN2U5NDllZmY1NDE4NmVhMDI3ZDlkIn0%3D; expires=Tue, 15-Nov-2022 08:56:20 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlNiM0JYbERPQ05OWGJhaFA4dm1ZREE9PSIsInZhbHVlIjoiRFpQSmt0U3ZTZHltNXF0N21maEd5ZEFpc1wvWXlvdEUxRkR2SU5sT1BPR1J0bmcyQ2lZMzc3RDFrSW5mYkZySXpSVlRxZmE4WGxUNTlNWHhxRDNoVUNBPT0iLCJtYWMiOiI5NGRiNmE0MjNmYjI4YmQ0NDhkZGRjNDdkYzIxOTkyMTk2ODAwMGY3NmFjYzBlYzFjNGY2ZTdiZmE0NmJmYTZiIn0%3D; expires=Tue, 15-Nov-2022 08:56:20 GMT; Max-Age=10800; path=/; httponly
cleanskinbr2_cart=eyJpdiI6IlFydjBmRlVHeHVHNnlwRzFpWDB1V1E9PSIsInZhbHVlIjoiSmg2dXFscUxKSGliekI3dSszanBubkFhSGNcLzNnZXVxVlEwTzNSQ0g4bWNORTZHWnhFakxuenJmZkNWR3N0TGhkVHFcL0JRNGxCbTIyeWNxSWVCU1ZkQT09IiwibWFjIjoiNGRhODNiM2JlMTljNzY4ZDg2Nzc1MjI0YmRiYzAyYjQ0MmRhYmIwMDQ4YzAxMWQ0YmNiNjA5NmJkODdiYTM1MiJ9; expires=Sun, 20-Nov-2022 05:56:20 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
|
|
| seguro.rosaselvagemacido.com/checkout/address | 170.82.174.30 | 200 OK | 0 B |
URL HTTP/2seguro.rosaselvagemacido.com/checkout/address IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /checkout/address HTTP/1.1
Host: seguro.rosaselvagemacido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJvOFJhQ0lOWFRja3dIQTJOUzNtTkE9PSIsInZhbHVlIjoiM3RPSTg1XC9QUkw5VWxhc0RYZWdTSk5PRG5YaW1JaW1aM0pFVVc4T2hLMkEwRUdVd1RGMnBZUHY4c0o2Nk8rdFdseXNRcjQrYlRiUnA2dis2QW43S3R3PT0iLCJtYWMiOiI2MzI0MWIzMmMyYzMwYjUwNGExZGNiZWFlOWEwODMxNGMxNmMyODE1NGNhN2U5NDllZmY1NDE4NmVhMDI3ZDlkIn0%3D; bubbstore_checkout=eyJpdiI6IlNiM0JYbERPQ05OWGJhaFA4dm1ZREE9PSIsInZhbHVlIjoiRFpQSmt0U3ZTZHltNXF0N21maEd5ZEFpc1wvWXlvdEUxRkR2SU5sT1BPR1J0bmcyQ2lZMzc3RDFrSW5mYkZySXpSVlRxZmE4WGxUNTlNWHhxRDNoVUNBPT0iLCJtYWMiOiI5NGRiNmE0MjNmYjI4YmQ0NDhkZGRjNDdkYzIxOTkyMTk2ODAwMGY3NmFjYzBlYzFjNGY2ZTdiZmE0NmJmYTZiIn0%3D; cleanskinbr2_cart=eyJpdiI6IlFydjBmRlVHeHVHNnlwRzFpWDB1V1E9PSIsInZhbHVlIjoiSmg2dXFscUxKSGliekI3dSszanBubkFhSGNcLzNnZXVxVlEwTzNSQ0g4bWNORTZHWnhFakxuenJmZkNWR3N0TGhkVHFcL0JRNGxCbTIyeWNxSWVCU1ZkQT09IiwibWFjIjoiNGRhODNiM2JlMTljNzY4ZDg2Nzc1MjI0YmRiYzAyYjQ0MmRhYmIwMDQ4YzAxMWQ0YmNiNjA5NmJkODdiYTM1MiJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:21 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IktmWThBMmMyMDFwSFFYbGRMTmRLZXc9PSIsInZhbHVlIjoidmVQSDlvNlErV1hEcDNidnlQd0p5clRIRkg2MUNyaXNzd0o4aklOQnJ6M1RvVk4rY24rS3Z2Q2tCdElCWnJCc0twNDllZ0w4WFNNV0JTRnpzXC8wUUpnPT0iLCJtYWMiOiI5NWEzNDU2OTEyM2JlYzJhOWI2OWRiOWVhZjJkNGQ2NTUzZTY5MWM5YzFhZjgyODQ2YjdlNjcxZTI0NTZkNTU3In0%3D; expires=Tue, 15-Nov-2022 08:56:21 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IldcL1pQM2V3MmJVOHd0UlFGeWNmUkZ3PT0iLCJ2YWx1ZSI6IitNZGJhaVluTFNxU1wvd2NEYnZjamdXamVVRTliRThZYVFDT2xuZldPMHI4U1diUWhhZzlcL1lzTHlabzFTcjYreDJHY3FLeld4S1grXC8ySXFFdkkwcThnPT0iLCJtYWMiOiIxYTg4ZGYxZjYzMWY4YjFmOWUxNGUzZDVmOTViZTg2YWZhZTFhZjc2NTUyMDE4NWRmY2Q5MGU1ZWM4YWZlYWI2In0%3D; expires=Tue, 15-Nov-2022 08:56:21 GMT; Max-Age=10800; path=/; httponly
cart_auth_273178189=eyJpdiI6IjdXcThNMml2cDRUT2NZekJGc3VTOVE9PSIsInZhbHVlIjoibmZUNzdWcVJjbk1FaXZLSFliVHhhV2xBUzBkUTJ2ZitjNVhadjlwbzhyT2VRMVRyb1IxY0lXQnY3bHVzSTU1S1hUb0VBbGNwZWlmc3BteHVkOU1HYmlmNEt0dGVsVE5XQTd2QlhaUm9LcnppaGdYQ0NCZ1ZvSzFZbGNaOXR6YWlyeDJUVFlubWNETlRvVVV0TW81NkhWZGd4M3lwbFNiNDMycHdta3VYTDcxUUROWFFFN1wvMVBBWE1HUVJpd0pBTDl6NjhhK21VdHR4SDRyYkxxRzZXUVhxU0JmUGpiQklNR3VxNEhwSUFNZFwvelo4a0lhb3J3NnEwUTloTlpUejNqU0hFdGxMQWppeFhIdGlEcUE1RHczSkNUOWVPTW9Yb3JxdFwvek1SZmZTd2hSNVltZ1cxeDdpSVoyS29DUUtSTlg0dlg1VHY2akYwRTdnb2NpWU4zM3dmQUVDTjNDdUEyNVVsUUZoOVB2VUtGNzVpN3o0Z2NDalZlclk3TlVDaitnb3l3VndtaDNKaFVndXVjMlpJZ0l2K2VobGFuWGcwYUxjSWpldW1iYldLRzM5ZWIxdk5LSEVUdHFUZlZsbnl4TkJkYkdJQU9uTjlNdk1CclVRcTZIZElQTkVFQTdvZTlYbHhHRmNTT29tNFVVaDNWbTJSUlRIeFpiNEpMVjY5eTh2dkRCZlgyZmdOdHJzNFwvd1R4MU42STh0T1J3Z05hR1B2MW10d2tWRXV2c3pxQmZ4YXdBdnBnbXlhWVVMQTZCZWhXU09HWFwvaEZcL1o3UWVVZGJZYWtVcHNNREZ4R2VWT2paN09rQ2F0NXBCWT0iLCJtYWMiOiI5MDI5MmY1YTJjZDUxYTM2YjRmODAyYjU5ZGVhZmEzZDgzYmEwNDdjMjJjZWM0MjdhNzc0MTRmZmQ5OTBiOWNkIn0%3D; expires=Tue, 15-Nov-2022 06:06:21 GMT; Max-Age=600; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.rosaselvagemacido.com | 54.165.15.136 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.rosaselvagemacido.com IP54.165.15.136:0
POST /v1/devices/widgets?referer=https%3A//seguro.rosaselvagemacido.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: application/json
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: public_get_session_widget
access-control-allow-origin: https://seguro.rosaselvagemacido.com
access-control-allow-credentials: true
set-cookie: profile=1668491783645;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
content-encoding: gzip
x-content-type-options: nosniff
x-request-id: f4c7d74f-df50-4913-ae09-cc6660f2a744
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f?background=armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D | 54.230.111.112 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f?background=armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D IP54.230.111.112:0
GET /jms/lgz/background/session/armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f?background=armor.03646babe94a3ae8ccae9c49e4c8b36662f8406b66dfb85e2839da63596a99cff2301c76d8e29e2f37920f928636078edfa499813ef56286bcf66fc2f3f5ee3a57e7a1d03e299df5628166fcc1d15e87cf4431de51097a3d8022c1dec6f8b752.4342f4c9bda888ef125d42f545b1c57f&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 15 Nov 2022 05:56:25 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=888ffbad-1a77-4965-8739-824f1f1f70b6-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 15 Nov 2023 05:56:25 GMT
dsid=972497c7-4ce8-41d6-b2c1-715ac980bf48-1668491785644;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=2829e429-7c9d-4622-a848-2550ebea3026-1668491785644;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 16
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 888ffbad-1a77-4965-8739-824f1f1f70b6
x-request-device-id: 888ffbad-1a77-4965-8739-824f1f1f70b6
x-d2id: 888ffbad-1a77-4965-8739-824f1f1f70b6
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vm1ZrE4gXdO7IKe1GqYZ9tRbcljUsMR-1YlTraH1QY1nLjS7OcKNgQ==
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70?background=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D | 54.230.111.112 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70?background=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D IP54.230.111.112:0
GET /jms/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70?background=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 15 Nov 2022 05:56:25 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=4f53e9a8-23aa-4aaa-969c-329748f3d272-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 15 Nov 2023 05:56:25 GMT
dsid=1afed578-2b3e-4f5e-83b2-c32366411ebb-1668491785662;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=e3d9fa30-84b5-476d-bba5-73f0febcd364-1668491785662;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 10
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 4f53e9a8-23aa-4aaa-969c-329748f3d272
x-request-device-id: 4f53e9a8-23aa-4aaa-969c-329748f3d272
x-d2id: 4f53e9a8-23aa-4aaa-969c-329748f3d272
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3vT4bcz-sx5ji_XCp6aYVDmAN_d0l5JnXkt_ImKn3b_7kIh4hMVdSA==
X-Firefox-Spdy: h2
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 | 172.67.72.14 | 200 OK | 0 B |
URL HTTP/2awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 IP172.67.72.14:0
GET /checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: text/css
x-amz-id-2: YA1eDbyiFw9F7lvoHKFMrUFI+rzs4fWeaPTK8HBrcIojzp1Ze0GAqZwjGyO3EOKzm5Y2nWL5dqs=
x-amz-request-id: P208087TQ0JZ3MS4
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: 5lxShk4xe0C8IXXkoQQWK8S_0jFPf.GV
etag: W/"78c7a473b51f1cc2067d1b8860950b25"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhBM2isNk%2BVolNCzJE5Zjy%2BDsoOoXrvnoTqpW4KsYN8fKBTJtWsQzbJU8empBCXC%2BBzA15nQ9RlXSwAVdgXrO07nKwGpdgVx9g99IN50igZiD9drYbPdTCN%2BTXI05ohGNN4aEGAYFxK3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be49dba90b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap IP142.250.74.10:0
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 05:56:22 GMT
date: Tue, 15 Nov 2022 05:56:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.mercadopago.com/v2/security.js | 54.230.111.66 | 200 OK | 0 B |
URL HTTP/2www.mercadopago.com/v2/security.js IP54.230.111.66:0
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 05:56:23 GMT
set-cookie: _d2id=cc6590fc-466c-4a5d-bf1d-ae0aab7e341a-n; Path=/; Domain=.mercadopago.com; Expires=Wed, 15 Nov 2023 05:56:23 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: cc6590fc-466c-4a5d-bf1d-ae0aab7e341a
x-request-device-id: cc6590fc-466c-4a5d-bf1d-ae0aab7e341a
x-d2id: cc6590fc-466c-4a5d-bf1d-ae0aab7e341a
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UvEb55mNNb6d_G6wU3DJd_qtb5MBOUAzJlnHaW48nT5INgYOTnRrtw==
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70 | 54.230.111.112 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70 IP54.230.111.112:0
GET /jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Tue, 15 Nov 2022 05:56:25 GMT
server: Tengine
set-cookie: _d2id=9874d2cb-dc7e-4d02-aeaa-240ffd969a68-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 15 Nov 2023 05:56:25 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 9874d2cb-dc7e-4d02-aeaa-240ffd969a68
x-request-device-id: 9874d2cb-dc7e-4d02-aeaa-240ffd969a68
x-d2id: 9874d2cb-dc7e-4d02-aeaa-240ffd969a68
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9bbRdOP1PjkjujPfWgs6WSrKdfVPx6heMXmm3ci3Zdr4K1HbAQCXCQ==
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiJmYWFiNmIyYS1mODNkLTRlZmEtYmJkYi1lNjgxYTcyMzc5NjEtMTY2ODQ5MTc4NTY0MyIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZjMwMzljMDYtYzc2Ni00NWEyLWI1ODEtMTJkMzI1OGZiNTU4LTE2Njg0OTE3ODU2NDMifQ%3D%3D%22%7D&callback=dp_jsonp.process | 54.230.111.112 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiJmYWFiNmIyYS1mODNkLTRlZmEtYmJkYi1lNjgxYTcyMzc5NjEtMTY2ODQ5MTc4NTY0MyIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZjMwMzljMDYtYzc2Ni00NWEyLWI1ODEtMTJkMzI1OGZiNTU4LTE2Njg0OTE3ODU2NDMifQ%3D%3D%22%7D&callback=dp_jsonp.process IP54.230.111.112:0
GET /jms/lgz/background/session/armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiJmYWFiNmIyYS1mODNkLTRlZmEtYmJkYi1lNjgxYTcyMzc5NjEtMTY2ODQ5MTc4NTY0MyIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZjMwMzljMDYtYzc2Ni00NWEyLWI1ODEtMTJkMzI1OGZiNTU4LTE2Njg0OTE3ODU2NDMifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.3b5231962b6eb33751dad947aabd9faa552c41105084bc78d7b42dd9f256350003ad6fe7a3468fe42d37125be7d976d87432e16a5888e9f97d1231d1bbfa1980c3d3b03e62f1cfdc2be80c820767afb5d98f6a0382f5c576b06b2b02294a9055.98d4645387df8c330fcce752d21c7b70
Connection: keep-alive
Cookie: dsid=1afed578-2b3e-4f5e-83b2-c32366411ebb-1668491785662; edsid=e3d9fa30-84b5-476d-bba5-73f0febcd364-1668491785662
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Tue, 15 Nov 2022 05:56:26 GMT
server: Tengine
set-cookie: _d2id=26df3626-1075-41a1-876b-5351e5d9b91e-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 15 Nov 2023 05:56:26 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 7
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 26df3626-1075-41a1-876b-5351e5d9b91e
x-request-device-id: 26df3626-1075-41a1-876b-5351e5d9b91e
x-d2id: 26df3626-1075-41a1-876b-5351e5d9b91e
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3lgFC3UjCt5UKjek0lOnBhJv1xGIsJMltYNPxGmWUJljlnSI2pmMBA==
X-Firefox-Spdy: h2
|
|
| seguro.rosaselvagemacido.com/api/v1/pixels/events | 170.82.174.30 | 200 OK | 0 B |
URL HTTP/2seguro.rosaselvagemacido.com/api/v1/pixels/events IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.rosaselvagemacido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjkzYjc0OGMwZjljZmE4ZmQiLCJ0ciI6IjQ5MzdhOWI1MDVjODZjNzM5ZTc2NmE0MmMwYWEzNmFhIiwidGkiOjE2Njg0OTE3ODMyMTh9fQ==
traceparent: 00-4937a9b505c86c739e766a42c0aa36aa-93b748c0f9cfa8fd-01
tracestate: 2935249@nr=0-1-2935249-1134170823-93b748c0f9cfa8fd----1668491783218
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 246
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IktmWThBMmMyMDFwSFFYbGRMTmRLZXc9PSIsInZhbHVlIjoidmVQSDlvNlErV1hEcDNidnlQd0p5clRIRkg2MUNyaXNzd0o4aklOQnJ6M1RvVk4rY24rS3Z2Q2tCdElCWnJCc0twNDllZ0w4WFNNV0JTRnpzXC8wUUpnPT0iLCJtYWMiOiI5NWEzNDU2OTEyM2JlYzJhOWI2OWRiOWVhZjJkNGQ2NTUzZTY5MWM5YzFhZjgyODQ2YjdlNjcxZTI0NTZkNTU3In0%3D; bubbstore_checkout=eyJpdiI6IldcL1pQM2V3MmJVOHd0UlFGeWNmUkZ3PT0iLCJ2YWx1ZSI6IitNZGJhaVluTFNxU1wvd2NEYnZjamdXamVVRTliRThZYVFDT2xuZldPMHI4U1diUWhhZzlcL1lzTHlabzFTcjYreDJHY3FLeld4S1grXC8ySXFFdkkwcThnPT0iLCJtYWMiOiIxYTg4ZGYxZjYzMWY4YjFmOWUxNGUzZDVmOTViZTg2YWZhZTFhZjc2NTUyMDE4NWRmY2Q5MGU1ZWM4YWZlYWI2In0%3D; cleanskinbr2_cart=eyJpdiI6IlFydjBmRlVHeHVHNnlwRzFpWDB1V1E9PSIsInZhbHVlIjoiSmg2dXFscUxKSGliekI3dSszanBubkFhSGNcLzNnZXVxVlEwTzNSQ0g4bWNORTZHWnhFakxuenJmZkNWR3N0TGhkVHFcL0JRNGxCbTIyeWNxSWVCU1ZkQT09IiwibWFjIjoiNGRhODNiM2JlMTljNzY4ZDg2Nzc1MjI0YmRiYzAyYjQ0MmRhYmIwMDQ4YzAxMWQ0YmNiNjA5NmJkODdiYTM1MiJ9; cart_auth_273178189=eyJpdiI6IjdXcThNMml2cDRUT2NZekJGc3VTOVE9PSIsInZhbHVlIjoibmZUNzdWcVJjbk1FaXZLSFliVHhhV2xBUzBkUTJ2ZitjNVhadjlwbzhyT2VRMVRyb1IxY0lXQnY3bHVzSTU1S1hUb0VBbGNwZWlmc3BteHVkOU1HYmlmNEt0dGVsVE5XQTd2QlhaUm9LcnppaGdYQ0NCZ1ZvSzFZbGNaOXR6YWlyeDJUVFlubWNETlRvVVV0TW81NkhWZGd4M3lwbFNiNDMycHdta3VYTDcxUUROWFFFN1wvMVBBWE1HUVJpd0pBTDl6NjhhK21VdHR4SDRyYkxxRzZXUVhxU0JmUGpiQklNR3VxNEhwSUFNZFwvelo4a0lhb3J3NnEwUTloTlpUejNqU0hFdGxMQWppeFhIdGlEcUE1RHczSkNUOWVPTW9Yb3JxdFwvek1SZmZTd2hSNVltZ1cxeDdpSVoyS29DUUtSTlg0dlg1VHY2akYwRTdnb2NpWU4zM3dmQUVDTjNDdUEyNVVsUUZoOVB2VUtGNzVpN3o0Z2NDalZlclk3TlVDaitnb3l3VndtaDNKaFVndXVjMlpJZ0l2K2VobGFuWGcwYUxjSWpldW1iYldLRzM5ZWIxdk5LSEVUdHFUZlZsbnl4TkJkYkdJQU9uTjlNdk1CclVRcTZIZElQTkVFQTdvZTlYbHhHRmNTT29tNFVVaDNWbTJSUlRIeFpiNEpMVjY5eTh2dkRCZlgyZmdOdHJzNFwvd1R4MU42STh0T1J3Z05hR1B2MW10d2tWRXV2c3pxQmZ4YXdBdnBnbXlhWVVMQTZCZWhXU09HWFwvaEZcL1o3UWVVZGJZYWtVcHNNREZ4R2VWT2paN09rQ2F0NXBCWT0iLCJtYWMiOiI5MDI5MmY1YTJjZDUxYTM2YjRmODAyYjU5ZGVhZmEzZDgzYmEwNDdjMjJjZWM0MjdhNzc0MTRmZmQ5OTBiOWNkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkNFSldlYmxrOUtGbm9WczNjM3ZhSVE9PSIsInZhbHVlIjoiR3J0RFFiUW1YM1JwY0pxRnJRdWxzeVd1NXBSVnpPcVdhalJrYTk4V3Nvam5CdkFHZ0dmUjlYQ0NcL2cwXC95emlBNkxpY1Y0XC9Ua3A5b0J1dTdCOHl1dGc9PSIsIm1hYyI6IjE3MjQzYWYzY2NkZGQ1ODlkNmFiNjdiMjUwMThmMDkwYmZiN2VkNTFhNTdkOThkZWQ1MWZkM2VmNzc3ZjBkYjQifQ%3D%3D; expires=Tue, 15-Nov-2022 08:56:23 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImhtWVdrR1Z4RVNNR204NmZwN2UwSFE9PSIsInZhbHVlIjoiM1gzdG5BbE9XOXBlc05SK2NKWUpZNGY3aVNuUk9FXC9nTTZoQkZKWk9Ea1hFNGFTdnRPNFN0c1JhZElrQStQVWZsQ3M3VjFnY1A2ak5TWXBhQXRJM1wvQT09IiwibWFjIjoiNjc4NDVmYTVmMzRkNDFmNzRjMjBhNTI0NGMwNTc1MGYzZDZhZTU0NjIyZGYwNzc0YzBjOGI4MGI3ZGEyMmM1YyJ9; expires=Tue, 15-Nov-2022 08:56:23 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| seguro.rosaselvagemacido.com/e/t | 170.82.174.30 | 200 OK | 0 B |
URL HTTP/2seguro.rosaselvagemacido.com/e/t IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /e/t HTTP/1.1
Host: seguro.rosaselvagemacido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjczMWQzNWQwYWEzYTIwMmUiLCJ0ciI6ImEzMjBmZDc5OGNhZGYzMmFhNGI2OGM5NGRlNTFhYjhiIiwidGkiOjE2Njg0OTE3ODMyMjF9fQ==
traceparent: 00-a320fd798cadf32aa4b68c94de51ab8b-731d35d0aa3a202e-01
tracestate: 2935249@nr=0-1-2935249-1134170823-731d35d0aa3a202e----1668491783221
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 375
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IktmWThBMmMyMDFwSFFYbGRMTmRLZXc9PSIsInZhbHVlIjoidmVQSDlvNlErV1hEcDNidnlQd0p5clRIRkg2MUNyaXNzd0o4aklOQnJ6M1RvVk4rY24rS3Z2Q2tCdElCWnJCc0twNDllZ0w4WFNNV0JTRnpzXC8wUUpnPT0iLCJtYWMiOiI5NWEzNDU2OTEyM2JlYzJhOWI2OWRiOWVhZjJkNGQ2NTUzZTY5MWM5YzFhZjgyODQ2YjdlNjcxZTI0NTZkNTU3In0%3D; bubbstore_checkout=eyJpdiI6IldcL1pQM2V3MmJVOHd0UlFGeWNmUkZ3PT0iLCJ2YWx1ZSI6IitNZGJhaVluTFNxU1wvd2NEYnZjamdXamVVRTliRThZYVFDT2xuZldPMHI4U1diUWhhZzlcL1lzTHlabzFTcjYreDJHY3FLeld4S1grXC8ySXFFdkkwcThnPT0iLCJtYWMiOiIxYTg4ZGYxZjYzMWY4YjFmOWUxNGUzZDVmOTViZTg2YWZhZTFhZjc2NTUyMDE4NWRmY2Q5MGU1ZWM4YWZlYWI2In0%3D; cleanskinbr2_cart=eyJpdiI6IlFydjBmRlVHeHVHNnlwRzFpWDB1V1E9PSIsInZhbHVlIjoiSmg2dXFscUxKSGliekI3dSszanBubkFhSGNcLzNnZXVxVlEwTzNSQ0g4bWNORTZHWnhFakxuenJmZkNWR3N0TGhkVHFcL0JRNGxCbTIyeWNxSWVCU1ZkQT09IiwibWFjIjoiNGRhODNiM2JlMTljNzY4ZDg2Nzc1MjI0YmRiYzAyYjQ0MmRhYmIwMDQ4YzAxMWQ0YmNiNjA5NmJkODdiYTM1MiJ9; cart_auth_273178189=eyJpdiI6IjdXcThNMml2cDRUT2NZekJGc3VTOVE9PSIsInZhbHVlIjoibmZUNzdWcVJjbk1FaXZLSFliVHhhV2xBUzBkUTJ2ZitjNVhadjlwbzhyT2VRMVRyb1IxY0lXQnY3bHVzSTU1S1hUb0VBbGNwZWlmc3BteHVkOU1HYmlmNEt0dGVsVE5XQTd2QlhaUm9LcnppaGdYQ0NCZ1ZvSzFZbGNaOXR6YWlyeDJUVFlubWNETlRvVVV0TW81NkhWZGd4M3lwbFNiNDMycHdta3VYTDcxUUROWFFFN1wvMVBBWE1HUVJpd0pBTDl6NjhhK21VdHR4SDRyYkxxRzZXUVhxU0JmUGpiQklNR3VxNEhwSUFNZFwvelo4a0lhb3J3NnEwUTloTlpUejNqU0hFdGxMQWppeFhIdGlEcUE1RHczSkNUOWVPTW9Yb3JxdFwvek1SZmZTd2hSNVltZ1cxeDdpSVoyS29DUUtSTlg0dlg1VHY2akYwRTdnb2NpWU4zM3dmQUVDTjNDdUEyNVVsUUZoOVB2VUtGNzVpN3o0Z2NDalZlclk3TlVDaitnb3l3VndtaDNKaFVndXVjMlpJZ0l2K2VobGFuWGcwYUxjSWpldW1iYldLRzM5ZWIxdk5LSEVUdHFUZlZsbnl4TkJkYkdJQU9uTjlNdk1CclVRcTZIZElQTkVFQTdvZTlYbHhHRmNTT29tNFVVaDNWbTJSUlRIeFpiNEpMVjY5eTh2dkRCZlgyZmdOdHJzNFwvd1R4MU42STh0T1J3Z05hR1B2MW10d2tWRXV2c3pxQmZ4YXdBdnBnbXlhWVVMQTZCZWhXU09HWFwvaEZcL1o3UWVVZGJZYWtVcHNNREZ4R2VWT2paN09rQ2F0NXBCWT0iLCJtYWMiOiI5MDI5MmY1YTJjZDUxYTM2YjRmODAyYjU5ZGVhZmEzZDgzYmEwNDdjMjJjZWM0MjdhNzc0MTRmZmQ5OTBiOWNkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:24 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjVMR3p6ZXdYM2lGWWVXOTZFVzNISGc9PSIsInZhbHVlIjoieFNzaDVLOVdwYnBcLzZDXC9ERU5FeVJrYmtKanIwZ3c3MldLdU5LYUdPb0tyYzAyV1l4cXBnT3RHMzg5VzJHdnVORDJyaFQ0WkJYQWl5TEVhNEQ5czZvZz09IiwibWFjIjoiNmE5OTc1NTlhZDc4ZDk4NTg1MDU0ODI0ZWIwODdiYWE0NWQyMzM3MjdkZjFmZjNhYTZjZTRiMzk1ODk1ZjE4ZSJ9; expires=Tue, 15-Nov-2022 08:56:24 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IitaV1hVYldEWVZoYWdMcVwvVVhCQTVRPT0iLCJ2YWx1ZSI6Ijl4ZjBySmF0Z3IyaHNXRlczdVo1YVVFOWZTNGlPZ25seDJYQVdqdkJJQmdrN3N6c0FCSHpwcDgySlFSTEpDNFdNWUxPWVJPSTZuU3JjMDI1NGNmbmVnPT0iLCJtYWMiOiI4MDU0OWJkNzE2NGVmZDA5OWM1MjgxZTI5ODJkMTE5MWY2Y2VhODUwNjUzNjM4MzYzZTA0NDZiZWQ4MTk1NWZhIn0%3D; expires=Tue, 15-Nov-2022 08:56:24 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRDwkGHh5UFUMEUFdaXVMBUV5XClEDBwBVFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb | 172.67.72.14 | 200 OK | 0 B |
URL HTTP/2awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb IP172.67.72.14:0
GET /checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: application/javascript
x-amz-id-2: NRHsa6qucHQaiD3sC5dsd4mSTMl5ptA1rb1WB9pZudapWSWc7E9FXAqQiJ6YpdV9UR90y0pT+ZM=
x-amz-request-id: P200TN7ZJ2GWP78Q
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: vBH8I8U4Fk_cBjCH4K7uyIx8AtomnPkt
etag: W/"634f1880f47f3e97d885f3f34d5bf07b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yx6942ozKQHfvzkL49E9VOefZ%2Ff37ovpHpFkZ1oSJ5vD6ALjPD61fnh1Y5SUZQG8jRUhc1JufUWoi9iRKsVQEBoS7aNtfd8Do0MYgdm%2BRWqKacGT9mACApd%2BZRrNmfxRGsmPi6iPkxAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be4a1bc30b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.dooki.com.br/fa/4.7.0/fa.css | 104.18.1.53 | 200 OK | 0 B |
URL HTTP/2fonts.dooki.com.br/fa/4.7.0/fa.css IP104.18.1.53:0
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 875
expires: Wed, 23 Nov 2022 05:56:22 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be4a1972b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.yampi.me/jquery/jquery.js | 172.67.72.14 | 200 OK | 0 B |
URL HTTP/2cdn.yampi.me/jquery/jquery.js IP172.67.72.14:0
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:22 GMT
content-type: application/javascript
x-amz-id-2: m2m2us2B9/usU9VuUjz6egUrfKjmakdsSqWzXQuJsu/bs1myfLyXyItfOA8fG4f1tCzqOsoVyjQ=
x-amz-request-id: TTD2TS6D8QRJJ9QV
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4546
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk43WQ78vtcKDKM%2BI8Kuc8qp%2BJKQrjNjopjvBpYs16cdr4poCwZhHtJOatXrzs%2F4VO7y%2Fl5ZcF8ttjiul%2BIqWtfggcCL5prj%2BK8Ev6SRKdAHtq48pMrZMS7ANkPpbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a5be4a1bc50b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| seguro.rosaselvagemacido.com/cart/recomm | 170.82.174.30 | 200 OK | 0 B |
URL HTTP/2seguro.rosaselvagemacido.com/cart/recomm IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cart/recomm HTTP/1.1
Host: seguro.rosaselvagemacido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjNkY2RmNzJlZjBlOGE3YWEiLCJ0ciI6ImY4YTYwYzA1YTllMWI2MzYxMmFkY2FmZTY1YWZmNzFhIiwidGkiOjE2Njg0OTE3ODMyMTF9fQ==
traceparent: 00-f8a60c05a9e1b63612adcafe65aff71a-3dcdf72ef0e8a7aa-01
tracestate: 2935249@nr=0-1-2935249-1134170823-3dcdf72ef0e8a7aa----1668491783211
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IktmWThBMmMyMDFwSFFYbGRMTmRLZXc9PSIsInZhbHVlIjoidmVQSDlvNlErV1hEcDNidnlQd0p5clRIRkg2MUNyaXNzd0o4aklOQnJ6M1RvVk4rY24rS3Z2Q2tCdElCWnJCc0twNDllZ0w4WFNNV0JTRnpzXC8wUUpnPT0iLCJtYWMiOiI5NWEzNDU2OTEyM2JlYzJhOWI2OWRiOWVhZjJkNGQ2NTUzZTY5MWM5YzFhZjgyODQ2YjdlNjcxZTI0NTZkNTU3In0%3D; bubbstore_checkout=eyJpdiI6IldcL1pQM2V3MmJVOHd0UlFGeWNmUkZ3PT0iLCJ2YWx1ZSI6IitNZGJhaVluTFNxU1wvd2NEYnZjamdXamVVRTliRThZYVFDT2xuZldPMHI4U1diUWhhZzlcL1lzTHlabzFTcjYreDJHY3FLeld4S1grXC8ySXFFdkkwcThnPT0iLCJtYWMiOiIxYTg4ZGYxZjYzMWY4YjFmOWUxNGUzZDVmOTViZTg2YWZhZTFhZjc2NTUyMDE4NWRmY2Q5MGU1ZWM4YWZlYWI2In0%3D; cleanskinbr2_cart=eyJpdiI6IlFydjBmRlVHeHVHNnlwRzFpWDB1V1E9PSIsInZhbHVlIjoiSmg2dXFscUxKSGliekI3dSszanBubkFhSGNcLzNnZXVxVlEwTzNSQ0g4bWNORTZHWnhFakxuenJmZkNWR3N0TGhkVHFcL0JRNGxCbTIyeWNxSWVCU1ZkQT09IiwibWFjIjoiNGRhODNiM2JlMTljNzY4ZDg2Nzc1MjI0YmRiYzAyYjQ0MmRhYmIwMDQ4YzAxMWQ0YmNiNjA5NmJkODdiYTM1MiJ9; cart_auth_273178189=eyJpdiI6IjdXcThNMml2cDRUT2NZekJGc3VTOVE9PSIsInZhbHVlIjoibmZUNzdWcVJjbk1FaXZLSFliVHhhV2xBUzBkUTJ2ZitjNVhadjlwbzhyT2VRMVRyb1IxY0lXQnY3bHVzSTU1S1hUb0VBbGNwZWlmc3BteHVkOU1HYmlmNEt0dGVsVE5XQTd2QlhaUm9LcnppaGdYQ0NCZ1ZvSzFZbGNaOXR6YWlyeDJUVFlubWNETlRvVVV0TW81NkhWZGd4M3lwbFNiNDMycHdta3VYTDcxUUROWFFFN1wvMVBBWE1HUVJpd0pBTDl6NjhhK21VdHR4SDRyYkxxRzZXUVhxU0JmUGpiQklNR3VxNEhwSUFNZFwvelo4a0lhb3J3NnEwUTloTlpUejNqU0hFdGxMQWppeFhIdGlEcUE1RHczSkNUOWVPTW9Yb3JxdFwvek1SZmZTd2hSNVltZ1cxeDdpSVoyS29DUUtSTlg0dlg1VHY2akYwRTdnb2NpWU4zM3dmQUVDTjNDdUEyNVVsUUZoOVB2VUtGNzVpN3o0Z2NDalZlclk3TlVDaitnb3l3VndtaDNKaFVndXVjMlpJZ0l2K2VobGFuWGcwYUxjSWpldW1iYldLRzM5ZWIxdk5LSEVUdHFUZlZsbnl4TkJkYkdJQU9uTjlNdk1CclVRcTZIZElQTkVFQTdvZTlYbHhHRmNTT29tNFVVaDNWbTJSUlRIeFpiNEpMVjY5eTh2dkRCZlgyZmdOdHJzNFwvd1R4MU42STh0T1J3Z05hR1B2MW10d2tWRXV2c3pxQmZ4YXdBdnBnbXlhWVVMQTZCZWhXU09HWFwvaEZcL1o3UWVVZGJZYWtVcHNNREZ4R2VWT2paN09rQ2F0NXBCWT0iLCJtYWMiOiI5MDI5MmY1YTJjZDUxYTM2YjRmODAyYjU5ZGVhZmEzZDgzYmEwNDdjMjJjZWM0MjdhNzc0MTRmZmQ5OTBiOWNkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:24 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6InU2cmFyVU9HRG5sYzdINjkrRVYwY3c9PSIsInZhbHVlIjoiZkhuQWFhZUMxNVFBbUJ0WVwvS1h1MDE3T1dNNmR3MmIxUThHWlZ4NFZJZDU3UzBMc05ZVDdIZ1MyTXpMWjlsYkY1WFlcL3pcL0ZFWUZGQ1wvOWhjNk1xQXBBPT0iLCJtYWMiOiI3MWYyZDA5OTAyM2U0MmZhYjg0OGY0NjhkMzlkMTQwMjc3OGQ2YWMyZWFlYTc5M2RmYmMwOTZmOGRkMDM5M2EwIn0%3D; expires=Tue, 15-Nov-2022 08:56:23 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InlrY1pFcnlXbnlYa1pFTFBVc3NCdEE9PSIsInZhbHVlIjoieU9BUXd2ME1yNldPY1FYVlR4RWVuYkljT1wvbld2dUlpeGoxOVJDdENqcmVYSXBsV2ZuN0J3WllsY3ZcLzhhODRLNzVUQUZMSzQwa1U2ODFuc3NES05pdz09IiwibWFjIjoiNzk2ZDdhNjA5YTdhMDYwMjBiODhiOWQyOTJmMzNlNDY4OTU5MTdiOWZlYmMwMjc5Y2MxZmM3NzA2MDc2YjJmYSJ9; expires=Tue, 15-Nov-2022 08:56:23 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAYFB1QVTABNEVYHAQBSAwBaVgBUUVAFA1ZESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| seguro.rosaselvagemacido.com/e/t | 170.82.174.30 | 200 OK | 0 B |
URL HTTP/2seguro.rosaselvagemacido.com/e/t IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /e/t HTTP/1.1
Host: seguro.rosaselvagemacido.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjM0YjYwMWQ0YjM5OGIyYzEiLCJ0ciI6IjdmYjFlMjg3ZWYwZDQxNWU0ODQzNTlhYzQwZTAxNDFlIiwidGkiOjE2Njg0OTE3ODMyMjN9fQ==
traceparent: 00-7fb1e287ef0d415e484359ac40e0141e-34b601d4b398b2c1-01
tracestate: 2935249@nr=0-1-2935249-1134170823-34b601d4b398b2c1----1668491783223
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 367
Origin: https://seguro.rosaselvagemacido.com
Connection: keep-alive
Referer: https://seguro.rosaselvagemacido.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IktmWThBMmMyMDFwSFFYbGRMTmRLZXc9PSIsInZhbHVlIjoidmVQSDlvNlErV1hEcDNidnlQd0p5clRIRkg2MUNyaXNzd0o4aklOQnJ6M1RvVk4rY24rS3Z2Q2tCdElCWnJCc0twNDllZ0w4WFNNV0JTRnpzXC8wUUpnPT0iLCJtYWMiOiI5NWEzNDU2OTEyM2JlYzJhOWI2OWRiOWVhZjJkNGQ2NTUzZTY5MWM5YzFhZjgyODQ2YjdlNjcxZTI0NTZkNTU3In0%3D; bubbstore_checkout=eyJpdiI6IldcL1pQM2V3MmJVOHd0UlFGeWNmUkZ3PT0iLCJ2YWx1ZSI6IitNZGJhaVluTFNxU1wvd2NEYnZjamdXamVVRTliRThZYVFDT2xuZldPMHI4U1diUWhhZzlcL1lzTHlabzFTcjYreDJHY3FLeld4S1grXC8ySXFFdkkwcThnPT0iLCJtYWMiOiIxYTg4ZGYxZjYzMWY4YjFmOWUxNGUzZDVmOTViZTg2YWZhZTFhZjc2NTUyMDE4NWRmY2Q5MGU1ZWM4YWZlYWI2In0%3D; cleanskinbr2_cart=eyJpdiI6IlFydjBmRlVHeHVHNnlwRzFpWDB1V1E9PSIsInZhbHVlIjoiSmg2dXFscUxKSGliekI3dSszanBubkFhSGNcLzNnZXVxVlEwTzNSQ0g4bWNORTZHWnhFakxuenJmZkNWR3N0TGhkVHFcL0JRNGxCbTIyeWNxSWVCU1ZkQT09IiwibWFjIjoiNGRhODNiM2JlMTljNzY4ZDg2Nzc1MjI0YmRiYzAyYjQ0MmRhYmIwMDQ4YzAxMWQ0YmNiNjA5NmJkODdiYTM1MiJ9; cart_auth_273178189=eyJpdiI6IjdXcThNMml2cDRUT2NZekJGc3VTOVE9PSIsInZhbHVlIjoibmZUNzdWcVJjbk1FaXZLSFliVHhhV2xBUzBkUTJ2ZitjNVhadjlwbzhyT2VRMVRyb1IxY0lXQnY3bHVzSTU1S1hUb0VBbGNwZWlmc3BteHVkOU1HYmlmNEt0dGVsVE5XQTd2QlhaUm9LcnppaGdYQ0NCZ1ZvSzFZbGNaOXR6YWlyeDJUVFlubWNETlRvVVV0TW81NkhWZGd4M3lwbFNiNDMycHdta3VYTDcxUUROWFFFN1wvMVBBWE1HUVJpd0pBTDl6NjhhK21VdHR4SDRyYkxxRzZXUVhxU0JmUGpiQklNR3VxNEhwSUFNZFwvelo4a0lhb3J3NnEwUTloTlpUejNqU0hFdGxMQWppeFhIdGlEcUE1RHczSkNUOWVPTW9Yb3JxdFwvek1SZmZTd2hSNVltZ1cxeDdpSVoyS29DUUtSTlg0dlg1VHY2akYwRTdnb2NpWU4zM3dmQUVDTjNDdUEyNVVsUUZoOVB2VUtGNzVpN3o0Z2NDalZlclk3TlVDaitnb3l3VndtaDNKaFVndXVjMlpJZ0l2K2VobGFuWGcwYUxjSWpldW1iYldLRzM5ZWIxdk5LSEVUdHFUZlZsbnl4TkJkYkdJQU9uTjlNdk1CclVRcTZIZElQTkVFQTdvZTlYbHhHRmNTT29tNFVVaDNWbTJSUlRIeFpiNEpMVjY5eTh2dkRCZlgyZmdOdHJzNFwvd1R4MU42STh0T1J3Z05hR1B2MW10d2tWRXV2c3pxQmZ4YXdBdnBnbXlhWVVMQTZCZWhXU09HWFwvaEZcL1o3UWVVZGJZYWtVcHNNREZ4R2VWT2paN09rQ2F0NXBCWT0iLCJtYWMiOiI5MDI5MmY1YTJjZDUxYTM2YjRmODAyYjU5ZGVhZmEzZDgzYmEwNDdjMjJjZWM0MjdhNzc0MTRmZmQ5OTBiOWNkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 05:56:23 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjRjdFFZNlZJeGtkc0x2UFZLVzM0eGc9PSIsInZhbHVlIjoiZzl1dzRkTjJ2XC9CbjFLWGRmbU1HNmdySjcwUld0bXpYU1VXUjAxOWY3RHliUUxLM2pheTlKbjc0WHA1ZXVCOUVrUjROWWpnWHJMMk9OczFHemxpTE5BPT0iLCJtYWMiOiJiNDQwYWZjNGE2NDY5NjI4ODI3YTM1MTMwZmU2OGQ1Y2QxYzY1MzA1MGRlNmM0MjkwMTk2YWU4OGUzM2NmODdhIn0%3D; expires=Tue, 15-Nov-2022 08:56:23 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ijg1WVlFMHpwR0tHd1hiR3RpK25DRGc9PSIsInZhbHVlIjoiY1RTNGh6a2tUdkE2OFJaUjd2cGFaRjEwZU9sZThYeEpZZytETjduNGJLYUlvT3lNUFBSQnhGZ0psSFZFUUtpVkMzMjNTNXdpVDAydUNteXhwMkFsdHc9PSIsIm1hYyI6IjcyOWY2MDY2NDNmODFiMjg1YTdkNWI4YjhhYTZkMGZmZGQ0Y2Y1NGU1M2E5MTYzYTgzMWRlZTc5NmU5NTU3NDEifQ%3D%3D; expires=Tue, 15-Nov-2022 08:56:23 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApQCwoEHh5UFUMJBVIGUwZUBAVVDVAEV1UGFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|