Overview

URLseguro.caixamisteriosa.net/checkout/payment?cart_token=dcccfb70-6b9e-11ed-8c0d-0209f11817a0-637ed56d2b722&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=cb1d01f0-6b9e-11ed-ba77-3dc58798b9bc
IP 170.82.173.30 (Brazil)
ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-24 05:00:44 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (25)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
cdn.yampi.me (1) 309436 2019-12-08 15:51:20 UTC 2022-11-22 20:57:22 UTC 104.26.3.88
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-23 05:36:31 UTC 34.102.187.140
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-23 12:04:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
s3.sa-east-1.amazonaws.com (1) 60686 2017-11-14 13:15:14 UTC 2022-11-24 04:11:19 UTC 52.95.164.124
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 157.240.200.14
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-23 10:22:58 UTC 142.250.74.10
cdn.yampi.io (1) 402975 2021-08-15 19:04:52 UTC 2022-11-24 04:30:24 UTC 104.18.14.227
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
ocsp.digicert.com (14) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.190.4
fonts.dooki.com.br (2) 829308 2018-12-07 21:56:32 UTC 2022-11-21 08:08:50 UTC 104.18.0.53
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-23 10:12:01 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-23 05:36:46 UTC 34.117.237.239
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-23 05:40:48 UTC 142.250.74.164
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-23 06:40:02 UTC 142.250.150.154
awesome-assets.yampi.me (2) 708511 2019-08-08 18:25:49 UTC 2022-11-21 08:08:50 UTC 104.26.3.88
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-23 11:10:52 UTC 142.250.74.174
seguro.caixamisteriosa.net (6) 0 No data No data 170.82.173.30 Unknown ranking
images.yampi.me (4) 955081 2019-07-25 14:01:06 UTC 2022-11-21 11:07:50 UTC 104.26.3.88
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
js.upnid.com (1) 0 2020-06-23 15:36:07 UTC 2022-11-15 23:23:49 UTC 130.211.14.112 Unknown ranking
analytics.tiktok.com (16) 1182 No data No data 23.36.79.17

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-24 2 seguro.caixamisteriosa.net/cart/recomm Phishing
2022-11-24 2 seguro.caixamisteriosa.net/e/t Phishing
2022-11-24 2 seguro.caixamisteriosa.net/e/t Phishing
2022-11-24 2 seguro.caixamisteriosa.net/checkout/address Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 170.82.173.30
Date UQ / IDS / BL URL IP
2023-02-04 05:55:59 +0000 0 - 2 - 0 seguro.lojafrancis.online/checkout/payment?ca (...) 170.82.173.30
2023-02-04 05:55:58 +0000 0 - 2 - 0 seguro.lojafrancis.online/cart?cart_token=sho (...) 170.82.173.30
2023-02-02 18:50:41 +0000 0 - 0 - 4 www.brinquedosbabebi.com.br/wp-includes/certi (...) 170.82.173.30
2023-02-02 16:18:53 +0000 0 - 0 - 2 seguro.king-ofertas.shop/cart?cart_token=55f8 (...) 170.82.173.30
2023-02-02 16:18:50 +0000 0 - 0 - 2 seguro.king-ofertas.shop/cart?cart_token=ab82 (...) 170.82.173.30


Last 5 reports on ASN: 3L CLOUD INTERNET SERVICES LTDA - EPP
Date UQ / IDS / BL URL IP
2023-02-04 05:56:07 +0000 0 - 0 - 5 seguro.liquidashoes.com.br/cart?cart_token=sh (...) 170.82.174.30
2023-02-04 05:56:06 +0000 0 - 0 - 5 seguro.liquidashoes.com.br/checkout/payment?c (...) 170.82.174.30
2023-02-04 05:55:59 +0000 0 - 2 - 0 seguro.lojafrancis.online/checkout/payment?ca (...) 170.82.173.30
2023-02-04 05:55:58 +0000 0 - 2 - 0 seguro.lojafrancis.online/cart?cart_token=sho (...) 170.82.173.30
2023-02-04 05:50:56 +0000 0 - 0 - 4 seguro.sg-multimarcas.com/checkout/payment?ca (...) 170.82.174.30


Last 5 reports on domain: caixamisteriosa.net
Date UQ / IDS / BL URL IP
2022-11-24 05:00:44 +0000 0 - 0 - 4 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.173.30
2022-11-24 04:40:41 +0000 0 - 0 - 2 seguro.caixamisteriosa.net/cart?cart_token=f7 (...) 170.82.173.30
2022-11-06 13:46:14 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/cart?cart_token=a0 (...) 170.82.173.30
2022-11-06 13:46:12 +0000 0 - 0 - 4 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.173.30
2022-10-27 04:20:43 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/cart?cart_token=90 (...) 170.82.174.30


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-02 21:35:26 +0000 0 - 0 - 4 linkcurto.co/qpfzbm3cctwcc 104.21.81.61

JavaScript

Executed Scripts (52)

Executed Evals (5)
#1 JavaScript::Eval (size: 18754) - SHA256: 9dc60f2d88746a809e751c0ff0c4fc4595e4f654ff45196cdf30e183c08a708f
(function() {
    var A = function(C, O, J, p, L, v) {
            if (C.C == C)
                for (L = w(C, J), 9 == J ? (J = function(l, z, I, b) {
                        if (I = (b = L.length, (b | 0) - 4 >> 3), L.Fl != I) {
                            I = (I << 3) - (z = [0, 0, v[1], v[L.Fl = I, 2]], 4);
                            try {
                                L.G7 = C8(z, Oc(I, L), Oc((I | 0) + 4, L))
                            } catch (t) {
                                throw t;
                            }
                        }
                        L.push(L.G7[b & 7] ^ l)
                    }, v = w(C, 498)) : J = function(l) {
                        L.push(l)
                    }, p && J(p & 255), C = O.length, p = 0; p < C; p++) J(O[p])
        },
        e = function(C, O) {
            O.K.splice(0, 0, C)
        },
        v_ = function(C, O) {
            return O = O.create().shift(), C.D.create().length || C.U.create().length || (C.D = void 0, C.U = void 0), O
        },
        Jx = function(C, O, J, p) {
            for (p = (J = H(O), 0); 0 < C; C--) p = p << 8 | K(O);
            V(J, O, p)
        },
        n = function(C, O, J, p) {
            for (p = (J = (O | 0) - 1, []); 0 <= J; J--) p[(O | 0) - 1 - (J | 0)] = C >> 8 * J & 255;
            return p
        },
        lo = function(C, O, J, p, L, v) {
            function l() {
                if (p.C == p) {
                    if (p.X) {
                        var z = [Y, O, C, void 0, L, v, arguments];
                        if (2 == J) var I = W(p, (e(z, p), false), false);
                        else if (1 == J) {
                            var b = !p.K.length;
                            e(z, p), b && W(p, false, false)
                        } else I = p8(z, p);
                        return I
                    }
                    L && v && L.removeEventListener(v, l, G)
                }
            }
            return l
        },
        zN = function(C, O) {
            return T[O](T.prototype, {
                prototype: C,
                pop: C,
                call: C,
                splice: C,
                floor: C,
                replace: C,
                propertyIsEnumerable: C,
                parent: C,
                length: C,
                stack: C,
                document: C,
                console: C
            })
        },
        N = function(C, O) {
            for (O = []; C--;) O.push(255 * Math.random() | 0);
            return O
        },
        W = function(C, O, J, p, L, v) {
            if (C.K.length) {
                C.O = !(C.K3 = (C.O && 0(), O), 0);
                try {
                    p = C.j(), C.o = p, C.R = p, C.u = 0, v = $c(C, O), L = C.j() - C.o, C.J += L, L < (J ? 0 : 10) || 0 >= C.S-- || (L = Math.floor(L), C.W.push(254 >= L ? L : 254))
                } finally {
                    C.O = false
                }
                return v
            }
        },
        Ic = function(C, O, J, p, L, v) {
            for (J = (L = ((p = (O = C[L8] || {}, H(C)), O).Xl = H(C), O.v = [], C).C == C ? (K(C) | 0) - 1 : 1, H(C)), v = 0; v < L; v++) O.v.push(H(C));
            for ((O.i = w(C, p), O).C3 = w(C, J); L--;) O.v[L] = w(C, O.v[L]);
            return O
        },
        P = function(C, O, J, p, L, v, l, z, I) {
            if (C.C = (C.H += ((I = (l = (L = (O || C.u++, 0 < C.l && C.O && C.K3 && 1 >= C.P && !C.D && !C.B) && (!O || 1 < C.Z - J) && 0 == document.hidden, (v = 4 == C.u) || L ? C.j() : C.R), l) - C.R, z = I >> 14, C).N && (C.N ^= z * (I << 2)), z), z || C.C), v || L) C.R = l, C.u = 0;
            if (!L || l - C.o < C.l - (p ? 255 : O ? 5 : 2)) return false;
            return C.B = ((V(286, (p = (C.Z = J, w(C, O ? 215 : 286)), C), C.F), C).K.push([bo, p, O ? J + 1 : J]), E), true
        },
        wV = function(C, O) {
            ((O.push(C[0] << 24 | C[1] << 16 | C[2] << 8 | C[3]), O).push(C[4] << 24 | C[5] << 16 | C[6] << 8 | C[7]), O).push(C[8] << 24 | C[9] << 16 | C[10] << 8 | C[11])
        },
        x = function(C, O, J, p, L, v) {
            if (!J.I) {
                if (3 < (C = ((0 == (p = w(J, ((v = void 0, C) && C[0] === a && (v = C[2], O = C[1], C = void 0), 358)), p.length) && (L = w(J, 215) >> 3, p.push(O, L >> 8 & 255, L & 255), void 0 != v && p.push(v & 255)), O = "", C) && (C.message && (O += C.message), C.stack && (O += ":" + C.stack)), w(J, 430)), C)) {
                    J.C = (v = (O = (C -= (O = O.slice(0, (C | 0) - 3), O.length | 0) + 3, Ax(O)), J.C), J);
                    try {
                        A(J, n(O.length, 2).concat(O), 9, 9)
                    } finally {
                        J.C = v
                    }
                }
                V(430, J, C)
            }
        },
        tx = function(C, O, J, p, L, v) {
            if (!C.Y) {
                C.P++;
                try {
                    for (p = (v = 0, void 0), J = C.F; --O;) try {
                        if ((L = void 0, C).D) p = v_(C, C.D);
                        else {
                            if (v = w(C, 286), v >= J) break;
                            p = w(C, (L = (V(215, C, v), H(C)), L))
                        }(p && p[ew] & 2048 ? p(C, O) : x([a, 21, L], 0, C), P)(C, false, O, false)
                    } catch (l) {
                        w(C, 391) ? x(l, 22, C) : V(391, C, l)
                    }
                    if (!O) {
                        if (C.Da) {
                            C.P--, tx(C, 261929697120);
                            return
                        }
                        x([a, 33], 0, C)
                    }
                } catch (l) {
                    try {
                        x(l, 22, C)
                    } catch (z) {
                        m(z, C)
                    }
                }
                C.P--
            }
        },
        $c = function(C, O, J, p) {
            for (; C.K.length;) {
                p = (C.B = null, C.K.pop());
                try {
                    J = p8(p, C)
                } catch (L) {
                    m(L, C)
                }
                if (O && C.B) {
                    (O = C.B, O)(function() {
                        W(C, true, true)
                    });
                    break
                }
            }
            return J
        },
        B_ = function(C, O, J, p) {
            function L() {}
            return p = H_(C, function(v) {
                L && (O && E(O), J = v, L(), L = void 0)
            }, (J = void 0, !!O))[0], {
                invoke: function(v, l, z, I) {
                    function b() {
                        J(function(t) {
                            E(function() {
                                v(t)
                            })
                        }, z)
                    }
                    if (!l) return l = p(z), v && v(l), l;
                    J ? b() : (I = L, L = function() {
                        E((I(), b))
                    })
                }
            }
        },
        Qz = function(C, O) {
            if (!(O = (C = null, c.trustedTypes), O) || !O.createPolicy) return C;
            try {
                C = O.createPolicy("bg", {
                    createHTML: f8,
                    createScript: f8,
                    createScriptURL: f8
                })
            } catch (J) {
                c.console && c.console.error(J.message)
            }
            return C
        },
        rV = function(C, O, J) {
            if ("object" == (O = typeof C, O))
                if (C) {
                    if (C instanceof Array) return "array";
                    if (C instanceof Object) return O;
                    if ("[object Window]" == (J = Object.prototype.toString.call(C), J)) return "object";
                    if ("[object Array]" == J || "number" == typeof C.length && "undefined" != typeof C.splice && "undefined" != typeof C.propertyIsEnumerable && !C.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == J || "undefined" != typeof C.call && "undefined" != typeof C.propertyIsEnumerable && !C.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == O && "undefined" == typeof C.call) return "object";
            return O
        },
        Oc = function(C, O) {
            return O[C] << 24 | O[(C | 0) + 1] << 16 | O[(C | 0) + 2] << 8 | O[(C | 0) + 3]
        },
        K8 = function(C, O, J, p) {
            A(O, n((p = H((J = H(O), O)), w(O, J)), C), p)
        },
        G = {
            passive: true,
            capture: true
        },
        Ax = function(C, O, J, p, L) {
            for (C = C.replace(/\r\n/g, "\n"), O = [], p = L = 0; L < C.length; L++) J = C.charCodeAt(L), 128 > J ? O[p++] = J : (2048 > J ? O[p++] = J >> 6 | 192 : (55296 == (J & 64512) && L + 1 < C.length && 56320 == (C.charCodeAt(L + 1) & 64512) ? (J = 65536 + ((J & 1023) << 10) + (C.charCodeAt(++L) & 1023), O[p++] = J >> 18 | 240, O[p++] = J >> 12 & 63 | 128) : O[p++] = J >> 12 | 224, O[p++] = J >> 6 & 63 | 128), O[p++] = J & 63 | 128);
            return O
        },
        H = function(C, O) {
            if (C.D) return v_(C, C.U);
            return (O = D(true, C, 8), O) & 128 && (O ^= 128, C = D(true, C, 2), O = (O << 2) + (C | 0)), O
        },
        sc = function(C, O, J) {
            if (3 == C.length) {
                for (J = 0; 3 > J; J++) O[J] += C[J];
                for (J = (C = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > C; C++) O[3](O, C % 3, J[C])
            }
        },
        Vz = function(C, O, J, p, L) {
            J = w(O, (L = H((J = (C &= (p = C & 3, 4), H(O)), O)), J)), C && (J = Ax("" + J)), p && A(O, n(J.length, 2), L), A(O, J, L)
        },
        TN = function(C, O, J, p, L) {
            for (L = (p = (O.j8 = (O.wZ = zN({get: (O.El = (O.NL = O[R], O.c6 = Yc, n8), function() {
                        return this.concat()
                    })
                }, O.G), T[O.G](O.wZ, {
                    value: {
                        value: {}
                    }
                })), 0), []); 128 > p; p++) L[p] = String.fromCharCode(p);
            W(O, true, (e(((e([(F((V((V(107, O, (V(443, O, (F(O, 40, (V(430, (F(O, 35, (F((F(O, (F(O, (V(9, (F(O, (V(265, O, (V(358, O, (F(O, (V(466, (F((F(O, 387, (F(O, (F((F(O, (F(O, 489, (F(O, ((F(O, (F(O, 457, (F(O, 64, (F(O, 261, (F(((F(O, 287, (F(O, 485, (V((F(O, 477, (V(391, (F((F(O, (V(22, (F(O, 496, (F(O, (V(498, O, (V(215, (V(286, ((O.f3 = function(v) {
                this.C = v
            }, O.H = (O.Y = void 0, O.l = 0, p = window.performance || {}, O.K = [], 1), O).X = (O.W = [], O.L = void 0, O.I = false, (O.h = void 0, O).J = (O.K3 = (O.S = 25, O.D = void 0, false), O.B = null, O.C = O, O.Yx = (O.O = false, []), (O.Z = 8001, O.o = 0, O).A = [], 0), O.P = 0, (O.F = 0, O).g = (O.sl = (O.U = void 0, 0), []), O.R = 0, O.u = (O.N = void 0, void 0), []), O.hU = p.timeOrigin || (p.timing || {}).navigationStart || 0, O), 0), O), 0), [0, 0, 0])), 411), function(v, l, z, I, b, t, B, Q, r, Z, q, f) {
                function k(u, S) {
                    for (; Z < u;) f |= K(v) << Z, Z += 8;
                    return f >>= (Z -= u, S = f & (1 << u) - 1, u), S
                }
                for (Q = (z = (r = (f = Z = (t = H(v), 0), (k(3) | 0) + 1), l = k(5), 0), []), I = 0; z < l; z++) B = k(1), Q.push(B), I += B ? 0 : 1;
                for (q = (z = ((I | 0) - 1).toString(2).length, []), I = 0; I < l; I++) Q[I] || (q[I] = k(z));
                for (z = 0; z < l; z++) Q[z] && (q[z] = H(v));
                for (b = []; r--;) b.push(w(v, H(v)));
                F(v, t, function(u, S, io, d, y) {
                    for (io = (d = (S = 0, []), []); S < l; S++) {
                        if (!(y = q[S], Q)[S]) {
                            for (; y >= d.length;) d.push(H(u));
                            y = d[y]
                        }
                        io.push(y)
                    }
                    u.U = (u.D = uo(u, b.slice()), uo(u, io))
                })
            }), function(v, l) {
                (v = (l = H(v), w(v.C, l)), v[0]).removeEventListener(v[1], v[2], G)
            })), O), {}), 68), function(v) {
                K8(4, v)
            }), O), 230, function(v, l, z, I, b) {
                0 !== (l = w(v, (z = (I = w(v, (b = (l = (I = H((z = (b = H(v), H)(v), v)), H(v)), w(v.C, b)), I)), w(v, z)), l)), b) && (l = lo(l, I, 1, v, b, z), b.addEventListener(z, l, G), V(471, v, [b, z, l]))
            }), O), 677), function(v, l, z, I) {
                (I = (l = (z = H(v), K)(v), H)(v), V)(I, v, w(v, z) >>> l)
            })), 417), O, []), function(v, l) {
                W_((l = w(v, H(v)), l), v.C)
            })), function(v, l, z, I) {
                !P(v, true, l, false) && (l = Ic(v), z = l.i, I = l.C3, v.C == v || z == v.f3 && I == v) && (V(l.Xl, v, z.apply(I, l.v)), v.R = v.j())
            })), O).xx = 0, O), 3, function(v) {
                K8(1, v)
            }), function(v, l, z, I, b) {
                (l = H((b = (z = H(v), H(v)), v)), v.C == v) && (I = w(v, z), l = w(v, l), b = w(v, b), I[b] = l, 373 == z && (v.h = void 0, 2 == b && (v.N = D(false, v, 32), v.h = void 0)))
            })), function(v, l, z) {
                (l = H((z = H(v), v)), V)(l, v, "" + w(v, z))
            })), function(v, l, z, I) {
                V((l = w(v, (I = w(v, (l = H((I = H(v), v)), z = H(v), I)), l)), z), v, +(I == l))
            })), O.gZ = 0, 347), function(v, l, z, I) {
                V((l = w(v, (I = w((z = (I = H(v), H(v)), v), I), z)), z), v, l + I)
            }), O).bm = 0, 112), function(v) {
                Jx(4, v)
            }), function(v, l, z, I) {
                if (l = v.Yx.pop()) {
                    for (z = K(v); 0 < z; z--) I = H(v), l[I] = v.X[I];
                    v.X = (l[l[358] = v.X[358], 430] = v.X[430], l)
                } else V(286, v, v.F)
            })), 17), function(v, l, z, I, b) {
                for (l = (I = GN((b = H(v), v)), z = 0, []); z < I; z++) l.push(K(v));
                V(b, v, l)
            }), O), 181, function(v) {
                Vz(4, v)
            }), 376), function(v, l, z, I, b, t) {
                P(v, true, l, false) || (b = Ic(v.C), l = b.Xl, z = b.i, t = b.C3, b = b.v, I = b.length, z = 0 == I ? new t[z] : 1 == I ? new t[z](b[0]) : 2 == I ? new t[z](b[0], b[1]) : 3 == I ? new t[z](b[0], b[1], b[2]) : 4 == I ? new t[z](b[0], b[1], b[2], b[3]) : 2(), V(l, v, z))
            }), function(v, l, z, I) {
                V((l = w((z = (I = (l = (z = H(v), H(v)), H)(v), w(v, z)), v), l), I), v, z in l | 0)
            })), O), 351, function(v, l, z) {
                V((l = (l = w(v, (l = H(v), z = H(v), l)), rV(l)), z), v, l)
            }), O), 0), 252), function(v, l, z) {
                P(v, true, l, false) || (l = H(v), z = H(v), V(z, v, function(I) {
                    return eval(I)
                }(ZC(w(v.C, l)))))
            }), [])), F(O, 244, function(v, l, z, I, b, t) {
                if (!P(v, true, l, true)) {
                    if ("object" == (v = w((t = (b = (b = (t = (l = H((z = H(v), v)), H(v)), H(v)), l = w(v, l), w(v, b)), w)(v, t), v), z), rV(v))) {
                        for (I in z = [], v) z.push(I);
                        v = z
                    }
                    for (z = (t = 0 < (I = 0, t) ? t : 1, v.length); I < z; I += t) l(v.slice(I, (I | 0) + (t | 0)), b)
                }
            }), [160, 0, 0])), 504), function(v, l, z) {
                0 != w((z = w(v, (z = H((l = H(v), v)), z)), v), l) && V(286, v, z)
            }), O), N(4)), 322), function(v, l, z, I, b, t, B) {
                for (B = (t = (z = w(v, (I = (b = H(v), GN)(v), l = "", 484)), z).length, 0); I--;) B = ((B | 0) + (GN(v) | 0)) % t, l += L[z[B]];
                V(b, v, l)
            }), 393), function(v, l, z, I) {
                l = w(v, (I = (z = H((I = (l = H(v), H)(v), v)), w(v, I)), l)), V(z, v, l[I])
            }), O), 442, function(v, l, z, I) {
                (l = (z = H((I = H(v), v)), H(v)), V)(l, v, w(v, I) || w(v, z))
            }), function() {})), O), 2048), function(v) {
                Vz(3, v)
            })), O)), c)), 471), O, 0), O), 486, function(v, l, z, I, b) {
                V((l = w(v, (z = w(v, (b = H((z = (I = H(v), H(v)), l = H(v), v)), z)), b = w(v, b), l)), I), v, lo(l, z, b, v))
            }), qs)], O), e)([h, J], O), [Sw, C]), O), true))
        },
        Ns = function(C, O, J, p) {
            try {
                p = C[((O | 0) + 2) % 3], C[O] = (C[O] | 0) - (C[((O | 0) + 1) % 3] | 0) - (p | 0) ^ (1 == O ? p << J : p >>> J)
            } catch (L) {
                throw L;
            }
        },
        GN = function(C, O) {
            return (O = K(C), O & 128) && (O = O & 127 | K(C) << 7), O
        },
        H_ = function(C, O, J, p) {
            return (p = g[C.substring(0, 3) + "_"]) ? p(C.substring(3), O, J) : Ec(O, C)
        },
        F = function(C, O, J) {
            J[V(O, C, J), qs] = 2796
        },
        g, V = function(C, O, J) {
            if (286 == C || 215 == C) O.X[C] ? O.X[C].concat(J) : O.X[C] = uo(O, J);
            else {
                if (O.I && 373 != C) return;
                265 == C || 9 == C || 417 == C || 358 == C || 498 == C ? O.X[C] || (O.X[C] = P_(118, C, J, O)) : O.X[C] = P_(9, C, J, O)
            }
            373 == C && (O.N = D(false, O, 32), O.h = void 0)
        },
        kc = function(C, O, J) {
            return C.V(function(p) {
                J = p
            }, false, O), J
        },
        f8 = function(C) {
            return C
        },
        Ec = function(C, O) {
            return C(function(J) {
                J(O)
            }), [function() {
                return O
            }]
        },
        uo = function(C, O, J) {
            return (J = T[C.G](C.j8), J)[C.G] = function() {
                return O
            }, J.concat = function(p) {
                O = p
            }, J
        },
        C8 = function(C, O, J, p, L) {
            for (p = (C = (L = C[2] | 0, C)[3] | 0, 0); 14 > p; p++) J = J >>> 8 | J << 24, J += O | 0, J ^= L + 2298, O = O << 3 | O >>> 29, C = C >>> 8 | C << 24, C += L | 0, L = L << 3 | L >>> 29, C ^= p + 2298, L ^= C, O ^= J;
            return [O >>> 24 & 255, O >>> 16 & 255, O >>> 8 & 255, O >>> 0 & 255, J >>> 24 & 255, J >>> 16 & 255, J >>> 8 & 255, J >>> 0 & 255]
        },
        K = function(C) {
            return C.D ? v_(C, C.U) : D(true, C, 8)
        },
        W_ = function(C, O) {
            (O.Yx.push(O.X.slice()), O.X)[286] = void 0, V(286, O, C)
        },
        ac = function(C, O, J, p) {
            return (V(286, C, ((p = w(C, 286), C.g) && p < C.F ? (V(286, C, C.F), W_(J, C)) : V(286, C, J), tx(C, O), p)), w)(C, 22)
        },
        X, w = function(C, O) {
            if ((C = C.X[O], void 0) === C) throw [a, 30, O];
            if (C.value) return C.create();
            return (C.create(4 * O * O + -12 * O + 4), C).prototype
        },
        U = function(C, O, J) {
            J = this;
            try {
                TN(O, this, C)
            } catch (p) {
                m(p, this), O(function(L) {
                    L(J.Y)
                })
            }
        },
        P_ = function(C, O, J, p, L, v, l, z) {
            return J = [87, -12, -24, -71, (v = C & 7, z = xc, 14), -5, J, -72, -32, 90], l = T[p.G](p.wZ), l[p.G] = function(I) {
                v += 6 + 7 * C, v &= (L = I, 7)
            }, l.concat = function(I) {
                return (I = (I = (I = O % 16 + 1, -224 * L + (z() | 0) * I - I * L + 56 * L * L + v + J[v + 51 & 7] * O * I - -672 * O * L - 224 * O * O * L + 4 * O * O * I), J[I]), L = void 0, J[(v + 29 & 7) + (C & 2)] = I, J)[v + (C & 2)] = -12, I
            }, l
        },
        D = function(C, O, J, p, L, v, l, z, I, b, t, B, Q, r) {
            if (t = w(O, 286), t >= O.F) throw [a, 31];
            for (r = (v = (B = 0, L = O.NL.length, J), t); 0 < v;) Q = r >> 3, I = r % 8, p = 8 - (I | 0), p = p < v ? p : v, l = O.g[Q], C && (b = O, b.h != r >> 6 && (b.h = r >> 6, z = w(b, 373), b.L = C8([0, 0, z[1], z[2]], b.N, b.h)), l ^= O.L[Q & L]), B |= (l >> 8 - (I | 0) - (p | 0) & (1 << p) - 1) << (v | 0) - (p | 0), v -= p, r += p;
            return V(286, (C = B, O), (t | 0) + (J | 0)), C
        },
        m = function(C, O) {
            O.Y = ((O.Y ? O.Y + "~" : "E:") + C.message + ":" + C.stack).slice(0, 2048)
        },
        c = this || self,
        E = c.requestIdleCallback ? function(C) {
            requestIdleCallback(function() {
                C()
            }, {
                timeout: 4
            })
        } : c.setImmediate ? function(C) {
            setImmediate(C)
        } : function(C) {
            setTimeout(C, 0)
        },
        p8 = function(C, O, J, p, L) {
            if ((L = C[0], L) == M) O.S = 25, O.s(C);
            else if (L == R) {
                J = C[1];
                try {
                    p = O.Y || O.s(C)
                } catch (v) {
                    m(v, O), p = O.Y
                }
                J(p)
            } else if (L == bo) O.s(C);
            else if (L == h) O.s(C);
            else if (L == Sw) {
                try {
                    for (p = 0; p < O.A.length; p++) try {
                        J = O.A[p], J[0][J[1]](J[2])
                    } catch (v) {}
                } catch (v) {}(0, C[1])(function(v, l) {
                    O.V(v, true, l)
                }, (O.A = [], function(v) {
                    (e((v = !O.K.length, [ew]), O), v) && W(O, true, false)
                }))
            } else {
                if (L == Y) return p = C[2], V(247, O, C[6]), V(22, O, p), O.s(C);
                L == ew ? (O.g = [], O.W = [], O.X = null) : L == qs && "loading" === c.document.readyState && (O.B = function(v, l) {
                    function z() {
                        l || (l = true, v())
                    }(c.document.addEventListener("DOMContentLoaded", z, (l = false, G)), c).addEventListener("load", z, G)
                })
            }
        },
        L8 = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        bo = [],
        ew = [],
        M = (U.prototype.kx = void 0, U.prototype.T = "toString", []),
        R = [],
        a = (U.prototype.Da = false, U.prototype.RF = void 0, {}),
        h = [],
        Sw = [],
        qs = [],
        Y = [],
        xc = (((wV, function() {})(N), Ns, function() {})(sc), void 0),
        T = a.constructor,
        n8 = (((((((X = U.prototype, U).prototype.G = "create", X.m5 = function(C, O, J, p, L) {
            for (L = p = 0; L < C.length; L++) p += C.charCodeAt(L), p += p << 10, p ^= p >> 6;
            return (p = (p += p << 3, p ^= p >> 11, C = p + (p << 15) >>> 0, new Number(C & (1 << O) - 1)), p)[0] = (C >>> O) % J, p
        }, X.V = function(C, O, J, p, L) {
            if ((J = "array" === rV(J) ? J : [J], this).Y) C(this.Y);
            else try {
                p = !this.K.length, L = [], e([M, L, J], this), e([R, C, L], this), O && !p || W(this, O, true)
            } catch (v) {
                m(v, this), C(this.Y)
            }
        }, X).aF = function(C, O, J, p, L, v) {
            for (L = v = (p = [], 0); L < C.length; L++)
                for (J = J << O | C[L], v += O; 7 < v;) v -= 8, p.push(J >> v & 255);
            return p
        }, X.B6 = function(C, O, J) {
            return C ^ (O ^= O << 13, O ^= O >> 17, (O = (O ^ O << 5) & J) || (O = 1), O)
        }, X).ML = function() {
            return Math.floor(this.J + (this.j() - this.o))
        }, X.j = (window.performance || {}).now ? function() {
            return this.hU + window.performance.now()
        } : function() {
            return +new Date
        }, X).Ul = function() {
            return Math.floor(this.j())
        }, U).prototype.s = function(C, O) {
            return O = (xc = function() {
                    return C == O ? 4 : -46
                }, C = {}, {}),
                function(J, p, L, v, l, z, I, b, t, B, Q, r, Z, q, f) {
                    t = C, C = O;
                    try {
                        if (B = J[0], B == h) {
                            I = J[1];
                            try {
                                for (f = (L = [], v = atob(I), Z = 0); Z < v.length; Z++) p = v.charCodeAt(Z), 255 < p && (L[f++] = p & 255, p >>= 8), L[f++] = p;
                                V(373, this, (this.F = (this.g = L, this.g.length << 3), [0, 0, 0]))
                            } catch (k) {
                                x(k, 17, this);
                                return
                            }
                            tx(this, 8001)
                        } else if (B == M) J[1].push(w(this, 265).length, w(this, 417).length, w(this, 430), w(this, 9).length), V(22, this, J[2]), this.X[101] && ac(this, 8001, w(this, 101));
                        else {
                            if (B == R) {
                                b = (q = (L = J[2], n((w(this, 265).length | 0) + 2, 2)), this.C), this.C = this;
                                try {
                                    z = w(this, 358), 0 < z.length && A(this, n(z.length, 2).concat(z), 265, 10), A(this, n(this.H, 1), 265, 109), A(this, n(this[R].length, 1), 265), v = 0, v += w(this, 466) & 2047, r = w(this, 9), v -= (w(this, 265).length | 0) + 5, 4 < r.length && (v -= (r.length | 0) + 3), 0 < v && A(this, n(v, 2).concat(N(v)), 265, 15), 4 < r.length && A(this, n(r.length, 2).concat(r), 265, 156)
                                } finally {
                                    this.C = b
                                }
                                if (Q = (((f = N(2).concat(w(this, 265)), f)[1] = f[0] ^ 6, f)[3] = f[1] ^ q[0], f[4] = f[1] ^ q[1], this).dZ(f)) Q = "!" + Q;
                                else
                                    for (Q = "", v = 0; v < f.length; v++) l = f[v][this.T](16), 1 == l.length && (l = "0" + l), Q += l;
                                return w(this, (V(430, ((w(this, (Z = Q, 265)).length = L.shift(), w)(this, 417).length = L.shift(), this), L.shift()), 9)).length = L.shift(), Z
                            }
                            if (B == bo) ac(this, J[2], J[1]);
                            else if (B == Y) return ac(this, 8001, J[1])
                        }
                    } finally {
                        C = t
                    }
                }
        }(), U.prototype.oF = 0, U.prototype).tU = 0, /./);
    U.prototype.dZ = function(C, O, J, p) {
        if (O = window.btoa) {
            for (p = 0, J = ""; p < C.length; p += 8192) J += String.fromCharCode.apply(null, C.slice(p, p + 8192));
            C = O(J).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
        } else C = void 0;
        return C
    };
    var Yc, jw = (U.prototype[Sw] = [0, 0, 1, 1, 0, 1, 1], h).pop.bind(U.prototype[M]),
        ZC = ((Yc = zN({get: jw
        }, (n8[U.prototype.T] = jw, U.prototype.G)), U).prototype.v6 = void 0, function(C, O) {
            return (O = Qz()) && 1 === C.eval(O.createScript("1")) ? function(J) {
                return O.createScript(J)
            } : function(J) {
                return "" + J
            }
        }(c));
    (40 < (g = c.botguard || (c.botguard = {}), g).m || (g.m = 41, g.bg = B_, g.a = H_), g).hDL_ = function(C, O, J) {
        return [(J = new U(C, O), function(p) {
            return kc(J, p)
        })]
    };
}).call(this);
#2 JavaScript::Eval (size: 62) - SHA256: 656ddb7093a608f140df5a991c579e27ad31e247a6ded28fa406e948965cf12a
0,
function(v, l, z) {
    z = (l = (z = H(v), H(v)), v.X[z]) && w(v, z), V(l, v, z)
}
#3 JavaScript::Eval (size: 22) - SHA256: 1bb4b16c7de163ff866b60976156d8c769e3cd8f2b5bdea3c85e854c986003d6
0,
function(v) {
    Jx(1, v)
}
#4 JavaScript::Eval (size: 22) - SHA256: 96bc32102142a2b26979b51faca0349f415898ceeba6ca594e7498b337aa0808
0,
function(v) {
    Jx(2, v)
}
#5 JavaScript::Eval (size: 15595) - SHA256: a6ea689f7d9dad611f9b9128b7a88274629505eea048bdc0bfcf03552fec5d36
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var J = function(C) {
            return C
        },
        p = this || self,
        l = function(C, O) {
            if (!(C = (O = p.trustedTypes, null), O) || !O.createPolicy) return C;
            try {
                C = O.createPolicy("bg", {
                    createHTML: J,
                    createScript: J,
                    createScriptURL: J
                })
            } catch (v) {
                p.console && p.console.error(v.message)
            }
            return C
        };
    (0, eval)(function(C, O) {
        return (O = l()) && 1 === C.eval(O.createScript("1")) ? function(v) {
            return O.createScript(v)
        } : function(v) {
            return "" + v
        }
    }(p)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var A=function(C,O,J,p,L,v){if(C.C==C)for(L=w(C,J),9==J?(J=function(l,z,I,b){if(I=(b=L.length,(b|0)-4>>3),L.Fl!=I){I=(I<<3)-(z=[0,0,v[1],v[L.Fl=I,2]],4);try{L.G7=C8(z,Oc(I,L),Oc((I|0)+4,L))}catch(t){throw t;}}L.push(L.G7[b&7]^l)},v=w(C,498)):J=function(l){L.push(l)},p&&J(p&255),C=O.length,p=0;p<C;p++)J(O[p])},e=function(C,O){O.K.splice(0,0,C)},v_=function(C,O){return O=O.create().shift(),C.D.create().length||C.U.create().length||(C.D=void 0,C.U=void 0),O},Jx=function(C,O,J,p){for(p=(J=H(O),0);0<C;C--)p=p<<8|K(O);V(J,O,p)},n=function(C,O,J,p){for(p=(J=(O|0)-1,[]);0<=J;J--)p[(O|0)-1-(J|0)]=C>>8*J&255;return p},lo=function(C,O,J,p,L,v){function l(){if(p.C==p){if(p.X){var z=[Y,O,C,void 0,L,v,arguments];if(2==J)var I=W(p,(e(z,p),false),false);else if(1==J){var b=!p.K.length;e(z,p),b&&W(p,false,false)}else I=p8(z,p);return I}L&&v&&L.removeEventListener(v,l,G)}}return l},zN=function(C,O){return T[O](T.prototype,{prototype:C,pop:C,call:C,splice:C,floor:C,replace:C,propertyIsEnumerable:C,parent:C,length:C,stack:C,document:C,console:C})},N=function(C,O){for(O=[];C--;)O.push(255*Math.random()|0);return O},W=function(C,O,J,p,L,v){if(C.K.length){C.O=!(C.K3=(C.O&&0(),O),0);try{p=C.j(),C.o=p,C.R=p,C.u=0,v=$c(C,O),L=C.j()-C.o,C.J+=L,L<(J?0:10)||0>=C.S--||(L=Math.floor(L),C.W.push(254>=L?L:254))}finally{C.O=false}return v}},Ic=function(C,O,J,p,L,v){for(J=(L=((p=(O=C[L8]||{},H(C)),O).Xl=H(C),O.v=[],C).C==C?(K(C)|0)-1:1,H(C)),v=0;v<L;v++)O.v.push(H(C));for((O.i=w(C,p),O).C3=w(C,J);L--;)O.v[L]=w(C,O.v[L]);return O},P=function(C,O,J,p,L,v,l,z,I){if(C.C=(C.H+=((I=(l=(L=(O||C.u++,0<C.l&&C.O&&C.K3&&1>=C.P&&!C.D&&!C.B)&&(!O||1<C.Z-J)&&0==document.hidden,(v=4==C.u)||L?C.j():C.R),l)-C.R,z=I>>14,C).N&&(C.N^=z*(I<<2)),z),z||C.C),v||L)C.R=l,C.u=0;if(!L||l-C.o<C.l-(p?255:O?5:2))return false;return C.B=((V(286,(p=(C.Z=J,w(C,O?215:286)),C),C.F),C).K.push([bo,p,O?J+1:J]),E),true},wV=function(C,O){((O.push(C[0]<<24|C[1]<<16|C[2]<<8|C[3]),O).push(C[4]<<24|C[5]<<16|C[6]<<8|C[7]),O).push(C[8]<<24|C[9]<<16|C[10]<<8|C[11])},x=function(C,O,J,p,L,v){if(!J.I){if(3<(C=((0==(p=w(J,((v=void 0,C)&&C[0]===a&&(v=C[2],O=C[1],C=void 0),358)),p.length)&&(L=w(J,215)>>3,p.push(O,L>>8&255,L&255),void 0!=v&&p.push(v&255)),O="",C)&&(C.message&&(O+=C.message),C.stack&&(O+=":"+C.stack)),w(J,430)),C)){J.C=(v=(O=(C-=(O=O.slice(0,(C|0)-3),O.length|0)+3,Ax(O)),J.C),J);try{A(J,n(O.length,2).concat(O),9,9)}finally{J.C=v}}V(430,J,C)}},tx=function(C,O,J,p,L,v){if(!C.Y){C.P++;try{for(p=(v=0,void 0),J=C.F;--O;)try{if((L=void 0,C).D)p=v_(C,C.D);else{if(v=w(C,286),v>=J)break;p=w(C,(L=(V(215,C,v),H(C)),L))}(p&&p[ew]&2048?p(C,O):x([a,21,L],0,C),P)(C,false,O,false)}catch(l){w(C,391)?x(l,22,C):V(391,C,l)}if(!O){if(C.Da){C.P--,tx(C,261929697120);return}x([a,33],0,C)}}catch(l){try{x(l,22,C)}catch(z){m(z,C)}}C.P--}},$c=function(C,O,J,p){for(;C.K.length;){p=(C.B=null,C.K.pop());try{J=p8(p,C)}catch(L){m(L,C)}if(O&&C.B){(O=C.B,O)(function(){W(C,true,true)});break}}return J},B_=function(C,O,J,p){function L(){}return p=H_(C,function(v){L&&(O&&E(O),J=v,L(),L=void 0)},(J=void 0,!!O))[0],{invoke:function(v,l,z,I){function b(){J(function(t){E(function(){v(t)})},z)}if(!l)return l=p(z),v&&v(l),l;J?b():(I=L,L=function(){E((I(),b))})}}},Qz=function(C,O){if(!(O=(C=null,c.trustedTypes),O)||!O.createPolicy)return C;try{C=O.createPolicy("bg",{createHTML:f8,createScript:f8,createScriptURL:f8})}catch(J){c.console&&c.console.error(J.message)}return C},rV=function(C,O,J){if("object"==(O=typeof C,O))if(C){if(C instanceof Array)return"array";if(C instanceof Object)return O;if("[object Window]"==(J=Object.prototype.toString.call(C),J))return"object";if("[object Array]"==J||"number"==typeof C.length&&"undefined"!=typeof C.splice&&"undefined"!=typeof C.propertyIsEnumerable&&!C.propertyIsEnumerable("splice"))return"array";if("[object Function]"==J||"undefined"!=typeof C.call&&"undefined"!=typeof C.propertyIsEnumerable&&!C.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==O&&"undefined"==typeof C.call)return"object";return O},Oc=function(C,O){return O[C]<<24|O[(C|0)+1]<<16|O[(C|0)+2]<<8|O[(C|0)+3]},K8=function(C,O,J,p){A(O,n((p=H((J=H(O),O)),w(O,J)),C),p)},G={passive:true,capture:true},Ax=function(C,O,J,p,L){for(C=C.replace(/\\r\\n/g,"\\n"),O=[],p=L=0;L<C.length;L++)J=C.charCodeAt(L),128>J?O[p++]=J:(2048>J?O[p++]=J>>6|192:(55296==(J&64512)&&L+1<C.length&&56320==(C.charCodeAt(L+1)&64512)?(J=65536+((J&1023)<<10)+(C.charCodeAt(++L)&1023),O[p++]=J>>18|240,O[p++]=J>>12&63|128):O[p++]=J>>12|224,O[p++]=J>>6&63|128),O[p++]=J&63|128);return O},H=function(C,O){if(C.D)return v_(C,C.U);return(O=D(true,C,8),O)&128&&(O^=128,C=D(true,C,2),O=(O<<2)+(C|0)),O},sc=function(C,O,J){if(3==C.length){for(J=0;3>J;J++)O[J]+=C[J];for(J=(C=0,[13,8,13,12,16,5,3,10,15]);9>C;C++)O[3](O,C%3,J[C])}},Vz=function(C,O,J,p,L){J=w(O,(L=H((J=(C&=(p=C&3,4),H(O)),O)),J)),C&&(J=Ax(""+J)),p&&A(O,n(J.length,2),L),A(O,J,L)},TN=function(C,O,J,p,L){for(L=(p=(O.j8=(O.wZ=zN({get:(O.El=(O.NL=O[R],O.c6=Yc,n8),function(){return this.concat()})},O.G),T[O.G](O.wZ,{value:{value:{}}})),0),[]);128>p;p++)L[p]=String.fromCharCode(p);W(O,true,(e(((e([(F((V((V(107,O,(V(443,O,(F(O,40,(V(430,(F(O,35,(F((F(O,(F(O,(V(9,(F(O,(V(265,O,(V(358,O,(F(O,(V(466,(F((F(O,387,(F(O,(F((F(O,(F(O,489,(F(O,((F(O,(F(O,457,(F(O,64,(F(O,261,(F(((F(O,287,(F(O,485,(V((F(O,477,(V(391,(F((F(O,(V(22,(F(O,496,(F(O,(V(498,O,(V(215,(V(286,((O.f3=function(v){this.C=v},O.H=(O.Y=void 0,O.l=0,p=window.performance||{},O.K=[],1),O).X=(O.W=[],O.L=void 0,O.I=false,(O.h=void 0,O).J=(O.K3=(O.S=25,O.D=void 0,false),O.B=null,O.C=O,O.Yx=(O.O=false,[]),(O.Z=8001,O.o=0,O).A=[],0),O.P=0,(O.F=0,O).g=(O.sl=(O.U=void 0,0),[]),O.R=0,O.u=(O.N=void 0,void 0),[]),O.hU=p.timeOrigin||(p.timing||{}).navigationStart||0,O),0),O),0),[0,0,0])),411),function(v,l,z,I,b,t,B,Q,r,Z,q,f){function k(u,S){for(;Z<u;)f|=K(v)<<Z,Z+=8;return f>>=(Z-=u,S=f&(1<<u)-1,u),S}for(Q=(z=(r=(f=Z=(t=H(v),0),(k(3)|0)+1),l=k(5),0),[]),I=0;z<l;z++)B=k(1),Q.push(B),I+=B?0:1;for(q=(z=((I|0)-1).toString(2).length,[]),I=0;I<l;I++)Q[I]||(q[I]=k(z));for(z=0;z<l;z++)Q[z]&&(q[z]=H(v));for(b=[];r--;)b.push(w(v,H(v)));F(v,t,function(u,S,io,d,y){for(io=(d=(S=0,[]),[]);S<l;S++){if(!(y=q[S],Q)[S]){for(;y>=d.length;)d.push(H(u));y=d[y]}io.push(y)}u.U=(u.D=uo(u,b.slice()),uo(u,io))})}),function(v,l){(v=(l=H(v),w(v.C,l)),v[0]).removeEventListener(v[1],v[2],G)})),O),{}),68),function(v){K8(4,v)}),O),230,function(v,l,z,I,b){0!==(l=w(v,(z=(I=w(v,(b=(l=(I=H((z=(b=H(v),H)(v),v)),H(v)),w(v.C,b)),I)),w(v,z)),l)),b)&&(l=lo(l,I,1,v,b,z),b.addEventListener(z,l,G),V(471,v,[b,z,l]))}),O),677),function(v,l,z,I){(I=(l=(z=H(v),K)(v),H)(v),V)(I,v,w(v,z)>>>l)})),417),O,[]),function(v,l){W_((l=w(v,H(v)),l),v.C)})),function(v,l,z,I){!P(v,true,l,false)&&(l=Ic(v),z=l.i,I=l.C3,v.C==v||z==v.f3&&I==v)&&(V(l.Xl,v,z.apply(I,l.v)),v.R=v.j())})),O).xx=0,O),3,function(v){K8(1,v)}),function(v,l,z,I,b){(l=H((b=(z=H(v),H(v)),v)),v.C==v)&&(I=w(v,z),l=w(v,l),b=w(v,b),I[b]=l,373==z&&(v.h=void 0,2==b&&(v.N=D(false,v,32),v.h=void 0)))})),function(v,l,z){(l=H((z=H(v),v)),V)(l,v,""+w(v,z))})),function(v,l,z,I){V((l=w(v,(I=w(v,(l=H((I=H(v),v)),z=H(v),I)),l)),z),v,+(I==l))})),O.gZ=0,347),function(v,l,z,I){V((l=w(v,(I=w((z=(I=H(v),H(v)),v),I),z)),z),v,l+I)}),O).bm=0,112),function(v){Jx(4,v)}),function(v,l,z,I){if(l=v.Yx.pop()){for(z=K(v);0<z;z--)I=H(v),l[I]=v.X[I];v.X=(l[l[358]=v.X[358],430]=v.X[430],l)}else V(286,v,v.F)})),17),function(v,l,z,I,b){for(l=(I=GN((b=H(v),v)),z=0,[]);z<I;z++)l.push(K(v));V(b,v,l)}),O),181,function(v){Vz(4,v)}),376),function(v,l,z,I,b,t){P(v,true,l,false)||(b=Ic(v.C),l=b.Xl,z=b.i,t=b.C3,b=b.v,I=b.length,z=0==I?new t[z]:1==I?new t[z](b[0]):2==I?new t[z](b[0],b[1]):3==I?new t[z](b[0],b[1],b[2]):4==I?new t[z](b[0],b[1],b[2],b[3]):2(),V(l,v,z))}),function(v,l,z,I){V((l=w((z=(I=(l=(z=H(v),H(v)),H)(v),w(v,z)),v),l),I),v,z in l|0)})),O),351,function(v,l,z){V((l=(l=w(v,(l=H(v),z=H(v),l)),rV(l)),z),v,l)}),O),0),252),function(v,l,z){P(v,true,l,false)||(l=H(v),z=H(v),V(z,v,function(I){return eval(I)}(ZC(w(v.C,l)))))}),[])),F(O,244,function(v,l,z,I,b,t){if(!P(v,true,l,true)){if("object"==(v=w((t=(b=(b=(t=(l=H((z=H(v),v)),H(v)),H(v)),l=w(v,l),w(v,b)),w)(v,t),v),z),rV(v))){for(I in z=[],v)z.push(I);v=z}for(z=(t=0<(I=0,t)?t:1,v.length);I<z;I+=t)l(v.slice(I,(I|0)+(t|0)),b)}}),[160,0,0])),504),function(v,l,z){0!=w((z=w(v,(z=H((l=H(v),v)),z)),v),l)&&V(286,v,z)}),O),N(4)),322),function(v,l,z,I,b,t,B){for(B=(t=(z=w(v,(I=(b=H(v),GN)(v),l="",484)),z).length,0);I--;)B=((B|0)+(GN(v)|0))%t,l+=L[z[B]];V(b,v,l)}),393),function(v,l,z,I){l=w(v,(I=(z=H((I=(l=H(v),H)(v),v)),w(v,I)),l)),V(z,v,l[I])}),O),442,function(v,l,z,I){(l=(z=H((I=H(v),v)),H(v)),V)(l,v,w(v,I)||w(v,z))}),function(){})),O),2048),function(v){Vz(3,v)})),O)),c)),471),O,0),O),486,function(v,l,z,I,b){V((l=w(v,(z=w(v,(b=H((z=(I=H(v),H(v)),l=H(v),v)),z)),b=w(v,b),l)),I),v,lo(l,z,b,v))}),qs)],O),e)([h,J],O),[Sw,C]),O),true))},Ns=function(C,O,J,p){try{p=C[((O|0)+2)%3],C[O]=(C[O]|0)-(C[((O|0)+1)%3]|0)-(p|0)^(1==O?p<<J:p>>>J)}catch(L){throw L;}},GN=function(C,O){return(O=K(C),O&128)&&(O=O&127|K(C)<<7),O},H_=function(C,O,J,p){return(p=g[C.substring(0,3)+"_"])?p(C.substring(3),O,J):Ec(O,C)},F=function(C,O,J){J[V(O,C,J),qs]=2796},g,V=function(C,O,J){if(286==C||215==C)O.X[C]?O.X[C].concat(J):O.X[C]=uo(O,J);else{if(O.I&&373!=C)return;265==C||9==C||417==C||358==C||498==C?O.X[C]||(O.X[C]=P_(118,C,J,O)):O.X[C]=P_(9,C,J,O)}373==C&&(O.N=D(false,O,32),O.h=void 0)},kc=function(C,O,J){return C.V(function(p){J=p},false,O),J},f8=function(C){return C},Ec=function(C,O){return C(function(J){J(O)}),[function(){return O}]},uo=function(C,O,J){return(J=T[C.G](C.j8),J)[C.G]=function(){return O},J.concat=function(p){O=p},J},C8=function(C,O,J,p,L){for(p=(C=(L=C[2]|0,C)[3]|0,0);14>p;p++)J=J>>>8|J<<24,J+=O|0,J^=L+2298,O=O<<3|O>>>29,C=C>>>8|C<<24,C+=L|0,L=L<<3|L>>>29,C^=p+2298,L^=C,O^=J;return[O>>>24&255,O>>>16&255,O>>>8&255,O>>>0&255,J>>>24&255,J>>>16&255,J>>>8&255,J>>>0&255]},K=function(C){return C.D?v_(C,C.U):D(true,C,8)},W_=function(C,O){(O.Yx.push(O.X.slice()),O.X)[286]=void 0,V(286,O,C)},ac=function(C,O,J,p){return(V(286,C,((p=w(C,286),C.g)&&p<C.F?(V(286,C,C.F),W_(J,C)):V(286,C,J),tx(C,O),p)),w)(C,22)},X,w=function(C,O){if((C=C.X[O],void 0)===C)throw[a,30,O];if(C.value)return C.create();return(C.create(4*O*O+-12*O+4),C).prototype},U=function(C,O,J){J=this;try{TN(O,this,C)}catch(p){m(p,this),O(function(L){L(J.Y)})}},P_=function(C,O,J,p,L,v,l,z){return J=[87,-12,-24,-71,(v=C&7,z=xc,14),-5,J,-72,-32,90],l=T[p.G](p.wZ),l[p.G]=function(I){v+=6+7*C,v&=(L=I,7)},l.concat=function(I){return(I=(I=(I=O%16+1,-224*L+(z()|0)*I-I*L+56*L*L+v+J[v+51&7]*O*I- -672*O*L-224*O*O*L+4*O*O*I),J[I]),L=void 0,J[(v+29&7)+(C&2)]=I,J)[v+(C&2)]=-12,I},l},D=function(C,O,J,p,L,v,l,z,I,b,t,B,Q,r){if(t=w(O,286),t>=O.F)throw[a,31];for(r=(v=(B=0,L=O.NL.length,J),t);0<v;)Q=r>>3,I=r%8,p=8-(I|0),p=p<v?p:v,l=O.g[Q],C&&(b=O,b.h!=r>>6&&(b.h=r>>6,z=w(b,373),b.L=C8([0,0,z[1],z[2]],b.N,b.h)),l^=O.L[Q&L]),B|=(l>>8-(I|0)-(p|0)&(1<<p)-1)<<(v|0)-(p|0),v-=p,r+=p;return V(286,(C=B,O),(t|0)+(J|0)),C},m=function(C,O){O.Y=((O.Y?O.Y+"~":"E:")+C.message+":"+C.stack).slice(0,2048)},c=this||self,E=c.requestIdleCallback?function(C){requestIdleCallback(function(){C()},{timeout:4})}:c.setImmediate?function(C){setImmediate(C)}:function(C){setTimeout(C,0)},p8=function(C,O,J,p,L){if((L=C[0],L)==M)O.S=25,O.s(C);else if(L==R){J=C[1];try{p=O.Y||O.s(C)}catch(v){m(v,O),p=O.Y}J(p)}else if(L==bo)O.s(C);else if(L==h)O.s(C);else if(L==Sw){try{for(p=0;p<O.A.length;p++)try{J=O.A[p],J[0][J[1]](J[2])}catch(v){}}catch(v){}(0,C[1])(function(v,l){O.V(v,true,l)},(O.A=[],function(v){(e((v=!O.K.length,[ew]),O),v)&&W(O,true,false)}))}else{if(L==Y)return p=C[2],V(247,O,C[6]),V(22,O,p),O.s(C);L==ew?(O.g=[],O.W=[],O.X=null):L==qs&&"loading"===c.document.readyState&&(O.B=function(v,l){function z(){l||(l=true,v())}(c.document.addEventListener("DOMContentLoaded",z,(l=false,G)),c).addEventListener("load",z,G)})}},L8=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),bo=[],ew=[],M=(U.prototype.kx=void 0,U.prototype.T="toString",[]),R=[],a=(U.prototype.Da=false,U.prototype.RF=void 0,{}),h=[],Sw=[],qs=[],Y=[],xc=(((wV,function(){})(N),Ns,function(){})(sc),void 0),T=a.constructor,n8=(((((((X=U.prototype,U).prototype.G="create",X.m5=function(C,O,J,p,L){for(L=p=0;L<C.length;L++)p+=C.charCodeAt(L),p+=p<<10,p^=p>>6;return(p=(p+=p<<3,p^=p>>11,C=p+(p<<15)>>>0,new Number(C&(1<<O)-1)),p)[0]=(C>>>O)%J,p},X.V=function(C,O,J,p,L){if((J="array"===rV(J)?J:[J],this).Y)C(this.Y);else try{p=!this.K.length,L=[],e([M,L,J],this),e([R,C,L],this),O&&!p||W(this,O,true)}catch(v){m(v,this),C(this.Y)}},X).aF=function(C,O,J,p,L,v){for(L=v=(p=[],0);L<C.length;L++)for(J=J<<O|C[L],v+=O;7<v;)v-=8,p.push(J>>v&255);return p},X.B6=function(C,O,J){return C^(O^=O<<13,O^=O>>17,(O=(O^O<<5)&J)||(O=1),O)},X).ML=function(){return Math.floor(this.J+(this.j()-this.o))},X.j=(window.performance||{}).now?function(){return this.hU+window.performance.now()}:function(){return+new Date},X).Ul=function(){return Math.floor(this.j())},U).prototype.s=function(C,O){return O=(xc=function(){return C==O?4:-46},C={},{}),function(J,p,L,v,l,z,I,b,t,B,Q,r,Z,q,f){t=C,C=O;try{if(B=J[0],B==h){I=J[1];try{for(f=(L=[],v=atob(I),Z=0);Z<v.length;Z++)p=v.charCodeAt(Z),255<p&&(L[f++]=p&255,p>>=8),L[f++]=p;V(373,this,(this.F=(this.g=L,this.g.length<<3),[0,0,0]))}catch(k){x(k,17,this);return}tx(this,8001)}else if(B==M)J[1].push(w(this,265).length,w(this,417).length,w(this,430),w(this,9).length),V(22,this,J[2]),this.X[101]&&ac(this,8001,w(this,101));else{if(B==R){b=(q=(L=J[2],n((w(this,265).length|0)+2,2)),this.C),this.C=this;try{z=w(this,358),0<z.length&&A(this,n(z.length,2).concat(z),265,10),A(this,n(this.H,1),265,109),A(this,n(this[R].length,1),265),v=0,v+=w(this,466)&2047,r=w(this,9),v-=(w(this,265).length|0)+5,4<r.length&&(v-=(r.length|0)+3),0<v&&A(this,n(v,2).concat(N(v)),265,15),4<r.length&&A(this,n(r.length,2).concat(r),265,156)}finally{this.C=b}if(Q=(((f=N(2).concat(w(this,265)),f)[1]=f[0]^6,f)[3]=f[1]^q[0],f[4]=f[1]^q[1],this).dZ(f))Q="!"+Q;else for(Q="",v=0;v<f.length;v++)l=f[v][this.T](16),1==l.length&&(l="0"+l),Q+=l;return w(this,(V(430,((w(this,(Z=Q,265)).length=L.shift(),w)(this,417).length=L.shift(),this),L.shift()),9)).length=L.shift(),Z}if(B==bo)ac(this,J[2],J[1]);else if(B==Y)return ac(this,8001,J[1])}}finally{C=t}}}(),U.prototype.oF=0,U.prototype).tU=0,/./);U.prototype.dZ=function(C,O,J,p){if(O=window.btoa){for(p=0,J="";p<C.length;p+=8192)J+=String.fromCharCode.apply(null,C.slice(p,p+8192));C=O(J).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else C=void 0;return C};var Yc,jw=(U.prototype[Sw]=[0,0,1,1,0,1,1],h).pop.bind(U.prototype[M]),ZC=((Yc=zN({get:jw},(n8[U.prototype.T]=jw,U.prototype.G)),U).prototype.v6=void 0,function(C,O){return(O=Qz())&&1===C.eval(O.createScript("1"))?function(J){return O.createScript(J)}:function(J){return""+J}}(c));(40<(g=c.botguard||(c.botguard={}),g).m||(g.m=41,g.bg=B_,g.a=H_),g).hDL_=function(C,O,J){return[(J=new U(C,O),function(p){return kc(J,p)})]};}).call(this);'));
}).call(this);

Executed Writes (0)


HTTP Transactions (85)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7324
Expires: Thu, 24 Nov 2022 07:02:36 GMT
Date: Thu, 24 Nov 2022 05:00:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4676
Cache-Control: max-age=110920
Date: Thu, 24 Nov 2022 05:00:32 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:49:13 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9323
Expires: Thu, 24 Nov 2022 07:35:55 GMT
Date: Thu, 24 Nov 2022 05:00:32 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 04:18:55 GMT
cache-control: public,max-age=3600
age: 2497
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: xEzyKi8iN64FE0a2XEt8iWMIxZVjkggmiyqMIl0zDBRMaZd96Qnzded/tLXtiaDAMyciC+h07d4=
x-amz-request-id: TR94W57KHNF6111M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 04:40:16 GMT
age: 1216
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 05:00:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 2962
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /checkout/payment?cart_token=dcccfb70-6b9e-11ed-8c0d-0209f11817a0-637ed56d2b722&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=cb1d01f0-6b9e-11ed-ba77-3dc58798b9bc HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         170.82.173.30
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Thu, 24 Nov 2022 05:00:33 GMT
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.caixamisteriosa.net:443/checkout/payment?cart_token=dcccfb70-6b9e-11ed-8c0d-0209f11817a0-637ed56d2b722&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=cb1d01f0-6b9e-11ed-ba77-3dc58798b9bc
X-GoCache-CacheStatus: BYPASS
Server: gocache


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   134
Md5:    4aa7a432bb447f094408f1bd6229c605
Sha1:   1965c4952cc8c082a6307ed67061a57aab6632fa
Sha256: 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3279
Cache-Control: max-age=104459
Date: Thu, 24 Nov 2022 05:00:33 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:01:32 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D7548296332965340531C7DF22969B5DA03E77BBA41AB7FCD154FF85C1E1CE04"
Last-Modified: Tue, 22 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20356
Expires: Thu, 24 Nov 2022 10:39:49 GMT
Date: Thu, 24 Nov 2022 05:00:33 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cCv89QU/Xnka23UTjeRuFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.190.4
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rkFa0qA9MITCGyCkMTbwcnPHZ6I=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=124953
Date: Thu, 24 Nov 2022 05:00:34 GMT
Etag: "637e3879-118"
Expires: Fri, 25 Nov 2022 15:43:07 GMT
Last-Modified: Wed, 23 Nov 2022 15:12:57 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=172091
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:48:46 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=172091
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:48:46 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e9636950b51.jpeg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.3.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
content-length: 8648
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9336, status=webp_bigger
etag: "8220257871413a2a14ab3d6b964f6abf"
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-id-2: WOHDPEOS7Kbw/Km7fgrMUKXv1a3r8dMiE8f0aqP8mo6e5MGwSdp4/yE9cPklR6rn7tsh4Y4JqBI=
x-amz-request-id: 8WBW12YAK1CEPG4V
x-amz-version-id: HfrtBnZFXQLQQPWMe2SSfAQyOFUNAZMA
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1202
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEg454QWLDNYfNBI%2B6hXvW2fw0fOwuLuUGCKpgEgC9YLnh0HCwjIejxt1giuj3dyZaPQ2OnNNEE4ozAvH4M8UHfm0mITahNTbFy%2BEMr4%2FUPWaxxWban3GrrFZyzWknagCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94eedaf5b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size:   8648
Md5:    53f8716e4000def629db36d31f645cb1
Sha1:   db8c371fc52e7ab263634119821620d9f03c814f
Sha256: 2efb36089e2b052421b3c15c6c159fae1924bc1a1c2209ccd82f4d0ccc13f1c2
                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e9635ebe532.jpeg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.3.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
content-length: 9510
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10320, status=webp_bigger
etag: "04572c76d141851db42a1a6e13d38b71"
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-id-2: wfNSWLBb8LRKt2vASYWjGYe1dSTUjqQIqUt4u3t6XFbCvh3LIamA5NtwYW0bvbwj9Kuwkqx/X0M=
x-amz-request-id: 8WBJYF11HGW8A11X
x-amz-version-id: AatCE1mkRL6z1GEYqQay5AQrkz_0GlQk
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1202
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1ZVcTpbSfupnjFhdRJUNbm0RfnaAMpNp8nFLtV0TU%2BLq4gTKhMoC9bjtzn4f6WsWD%2FtuStZwpOQ2k%2Bd5iZG4X80iGLksC1AiEIbMA75Jq7JgBFRF7mYJ5vuDOnr88zVag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94eedaf8b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size:   9510
Md5:    958180500c499802b8c9d1c832f7945c
Sha1:   d1884b093666b9e6813b79471311a75c2304005a
Sha256: 1466c5bac4447ac52bc4780d617c80e4872b53df4a63c86a42ac0e1e93cc572e
                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e96354775ca.jpeg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.3.88
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
content-length: 8208
cf-bgj: imgq:100,h2pri
cf-polished: origSize=8822, status=webp_bigger
etag: "64d0d3cf4cf12b175c2bfde2b119fd73"
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-id-2: Bo7a2FiffHzk9Gmf/XHbcWOvTTU1o7vI+Fa8xCvRk8eiO6SZrQMbW+6BldwzxYkd+lKm9iMYwAc=
x-amz-request-id: 8WBWCTMC7X2EMG9G
x-amz-version-id: xeytj2tGe9ZE1VBrjh._yFfBsbQCZQQP
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1202
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1L6yFuuBNneKpZCVlQ2Ah7LaV9MDEnnATB6rzzVEQfYIvyw0TkKhuXoy0mfeJVwmWrP25RYwdsBN58BgxViJL3a1ZOZ0SqSdzoFGP%2BzW2cKPvPHKFs1ddFRGfwTJvNiC3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94eedaf9b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size:   8208
Md5:    9074436dac9f6d61bccb042c185adff3
Sha1:   b9d1247ca03baccc0203747de619c3579ac299fe
Sha256: b0a54814b8b0f5abf1f1c43941cfdc945fb105f0ad91962af3df15b2a98d1b24
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=172091
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:48:46 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5287
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 05:00:35 GMT
Connection: keep-alive

                                        
                                            GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Thu, 24 Nov 2022 05:00:35 GMT
date: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   583
Md5:    6b3cb5bbe301fdd0a49c69f1f7c55f2b
Sha1:   b7718b95e61ec3f794d358fc292dcee74f395dde
Sha256: 505ac8bc7638a897b56c0c13295f4694c8a6830beb4daaea67131ba553b0197b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5287
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 05:00:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:19 GMT
age: 25396
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:15 GMT
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
age: 78320
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6789
Md5:    d9d93b2a6875d446c3467eb49767eef5
Sha1:   303c571b13b05fcf27ee1159d8fdf6369aaef0a2
Sha256: 2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5287
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 05:00:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8702
x-amzn-requestid: 9687d5fa-c9f8-4afc-8278-0f0c12b28329
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx9FQ4oAMFWmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-397fca41442c0d7309395e4b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4cgRxjx6TQRxl4FIKsjrBPDZmhoDgbG72UAMRUnxZBUqV7yCfj3PyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:44:50 GMT
age: 26145
etag: "5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8702
Md5:    cfb61d1d2a4d3e62e410c926cfa4a1ab
Sha1:   5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436
Sha256: 4297b6c45e7dca6f841ae56da1040e1287f2e70c98e5f7fc674a674b59ebc7a2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kkI9Vh2vZeJPwz2JVL5MErsBBwk8-2Jo49yc0sFqv5pxIyBi6azFIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
age: 25392
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11401
Md5:    eb94ecb5881a7e49d964e4287d11e7a4
Sha1:   4b131a189db1b615e2519a28cad83d78297ab67f
Sha256: f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=172091
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:48:46 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 25848
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13882
Md5:    64d79191f005c9876b952c5f948aa0f7
Sha1:   1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
Sha256: 00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=172091
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:48:46 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10667
x-amzn-requestid: 985ed1c6-49ed-4851-8a79-f700bbe027c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsGkSIAMFvDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-260dc99256e117e85643b441;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _fs5EfJzWkPQB-Ur7_YVmCHySMj_WXiHUCK8w2nWYvrJSkDaquq37g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
etag: "10a988580bb7a1be72be5dd50d2aef9789f36b62"
age: 25395
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10667
Md5:    f0dfc05d73111c498bb0e844105a02f6
Sha1:   10a988580bb7a1be72be5dd50d2aef9789f36b62
Sha256: 3852f331fe12a0a8e6007409f043da6aabadbb8f2883e87ae72ca8d70d31727f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1811
Cache-Control: max-age=172091
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:48:46 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=170280
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:18:35 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/T24lFG9LNcQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v0.js HTTP/1.1 
Host: js.upnid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         130.211.14.112
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
vary: Origin
content-encoding: br
via: 1.1 google
content-length: 8310
date: Thu, 24 Nov 2022 04:40:32 GMT
age: 1203
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23050)
Size:   8310
Md5:    49fa980f95bb3bbff8b7a2857a727d5d
Sha1:   9e931943f03079522318820948018d78610eaca4
Sha256: 4e295d58275798f67bf7b9c48b8cae16238c9a3dabca082238e7bab8eaa34943
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2460
Cache-Control: max-age=122339
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637e2bba-116"
Expires: Fri, 25 Nov 2022 14:59:34 GMT
Last-Modified: Wed, 23 Nov 2022 14:18:34 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /s/gts1d4/T24lFG9LNcQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2460
Cache-Control: max-age=122339
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637e2bba-116"
Expires: Fri, 25 Nov 2022 14:59:34 GMT
Last-Modified: Wed, 23 Nov 2022 14:18:34 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.18.0.53
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
content-length: 77160
x-amz-id-2: iUTOwFydP8RsPO1NtKniPNpqiMLObq0cuz8gcTZQCkYwx3XGTMO5MTYO/ALP2qMWyl1S6/86k/I=
x-amz-request-id: W2P7JD2NHFG77EAJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: HIT
age: 1202
expires: Fri, 02 Dec 2022 05:00:35 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 76ef94f0cf3fb4ff-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 544898
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size:   33580
Md5:    848cd2ecd011428969dc6b90431bc482
Sha1:   6b1a7b562a56bd54510e0f6f95e26babca331a1b
Sha256: 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140742
Date: Thu, 24 Nov 2022 05:00:35 GMT
Etag: "637e7a7e-1d7"
Expires: Fri, 25 Nov 2022 20:06:17 GMT
Last-Modified: Wed, 23 Nov 2022 19:54:38 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cbcvuBZ2o3e_4TdOEIkJQwVvq7hR5lSWdP1X3qsL3jdjKADNVTgzRg==
Age: 699

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/images/2-caixas-misteriosas-edicao-limitada-62e956c5108f7-thumb.png HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.3.88
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
content-length: 169220
x-amz-id-2: dGvMg4h2UWED4qNTyjv/Q6gYvY1+lEgerzcmJYpb+8p92rfdX2ykdM2c8aO/0h2GbHB04z5t5iY=
x-amz-request-id: 2JM3C33KYPTA52Z2
last-modified: Tue, 02 Aug 2022 16:54:33 GMT
x-amz-version-id: azK75EHkA596NEFZocjqcgaxW.Vy7Wp2
etag: "9a096d6b71e9b1d95979c592af7102a3"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUvY84mzsMqRGsVhCowi7M6J%2FgQQ8JjfTjdvKlJxHiCmqDQwDQRWt9lAAve%2BzgOARIzzpPKugDkMWRGTaNyIE2hSiMCB4YIasSZuiD9l%2Bh5iN%2FDN7muIk2b8tvQn3dlA7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94eedaf7b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 290 x 312, 8-bit/color RGBA, non-interlaced\012- data
Size:   169220
Md5:    9a096d6b71e9b1d95979c592af7102a3
Sha1:   21a2113be731cb8a8c99a01068d5fbf051a18410
Sha256: f3d8d1e17077364d7fbea6e58240275a6039bf87f1ec985e6f8a31acf2b58e7b
                                        
                                            GET /i18n/pixel/config.js?sdkid=CDK4CUJC77UEMNFPVPVG&hostname=seguro.caixamisteriosa.net HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240500356DC3038DF6AD9591FAA0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b54076bbcbc3ea4a0a9b6a20a6c108d96efc175156f3de3599716cadb36d85770d348c581fdbe78c7ed676e31e4f56f07cd2805b589eac03943aeefe61e6e4a85c
content-encoding: gzip
content-length: 1830
x-origin-response-time: 6,23.218.223.21
x-akamai-request-id: 8b6637ca.653f8b63
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-21.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
x-parent-response-time: 105,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (3948)
Size:   1830
Md5:    d31c0573050884fa1894aa9335392975
Sha1:   586657bcba9356bcdc797a1d6e5905f8bf0f0f7f
Sha256: 4bb5838a54f80b0173e9ee6d84a2d6b7f64b2f7e846d62f8d6876f660b92b9d3
                                        
                                            GET /i18n/pixel/config.js?sdkid=CDUVI73C77UAFLPMLING&hostname=seguro.caixamisteriosa.net HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221124050035CBABA2537CF8BE9A5686
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5e8a40be0cda0c89dc4b2da75184b47c0d2e87158b6afc07436d1f90716e96826e81df30c0146c7f340a42769e7b8d2cda5d314fb1527b4b397a647ef23ce059a
content-encoding: gzip
content-length: 347
x-origin-response-time: 6,23.218.223.23
x-akamai-request-id: 1d1d7685.653f8b6e
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Hyn8xlPU1jdwd2a4XmjdWuo5ie; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=6, inner; dur=3
x-parent-response-time: 111,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   347
Md5:    5cf900d78e41def37017bd375551cbfd
Sha1:   56ffd0e2a45e563c15667f179410521c8bdab33f
Sha256: 4fb1d6444df8406e392a54e13132c7bfae70aa8e796b7dc5f8a0378e29d99111
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 898
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyn90obRrDk82Ek14E2qy1rAZL
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124050035C7C5E44DDC295BAE072F
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2f7bc596810103aa7bddff1330013f587711c74c26380c6f7dc27649b17caa219f6287a25de25d7ff7ecb1e7aeb3d7797c11fc8c664d880654fb47e627c801a4b2
x-origin-response-time: 21,104.96.220.87
x-akamai-request-id: 20967ef2.653f8bf8
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-87.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=21, inner; dur=19
x-parent-response-time: 119,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 898
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyn90obRrDk82Ek14E2qy1rAZL
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022112405003537C2D0E6CD628197F41E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2f7fbf0fcb58cd9921d4e4812d5a08c3c125f35ad1626a01bb38358b245f710d24a42cbf922a188c747ec75ccca9409621d270ec7173db74d969b319dcc8033aa1
x-origin-response-time: 21,104.96.220.140
x-akamai-request-id: 6882bce.653f8c07
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-140.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=21, inner; dur=19
x-parent-response-time: 120,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 792
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyn8xlPU1jdwd2a4XmjdWuo5ie
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124050035945165796C9CC29A2161
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5e8a40be0cda0c89dc4b2da75184b47c0ae7b8361bf22009e4177f03f010630b646b7f1ecfe20e6e64c858d6b8193fd3c980214e42be167842a3d2604d5af9de4
x-origin-response-time: 19,23.218.223.23
x-akamai-request-id: 1d1d7c93.653f8c08
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=19, inner; dur=16
x-parent-response-time: 118,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 943
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyn8xlPU1jdwd2a4XmjdWuo5ie
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022112405003520997F5286B157A07C73
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b53dc74ede926fff0064c6942ab4c80fd56e8ece445ef75ccc82b7ad431306530ef116ee88804e72f712c2eb546cfc560db95201ed2dd749373bd6fe32f1edab56
x-origin-response-time: 19,23.218.223.5
x-akamai-request-id: 3e97ec0f.653f8c23
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-223-5.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=19, inner; dur=16
x-parent-response-time: 117,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 951
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyn8xlPU1jdwd2a4XmjdWuo5ie
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202211240500351003125F4DB166A0A277
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b50541862bcd00cee904deb0fac27472df06768e509c3fcebdaa4c2aac78d4f0d690a7636710bcadc42f09f71951cfce4eda333625b27f2acc9fb51cf492acfd8b
x-origin-response-time: 29,23.218.223.9
x-akamai-request-id: 32010fe1.653f8c1b
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-223-9.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=29, inner; dur=16
x-parent-response-time: 149,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            GET /i18n/pixel/identify.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240500359D51BDCE7F7279A82330
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2fb9beb353da41ce900ffcd45c15263d8b21c6cef519ba3b8bca5583222f8cffd00144a5c8ba303109c304b7e5f162d056ae232b1336191d6b6f2614080288f47e
content-encoding: gzip
x-origin-response-time: 6,104.96.220.14
x-akamai-request-id: 19b1f605.653f8b4f
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-14.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=6, inner; dur=2
x-parent-response-time: 107,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   31013
Md5:    e746d87b3fe196168bf1a039e2b2ae55
Sha1:   58186d3567d1c435e3e7c20d30d1d1651e090d08
Sha256: 152fa045595f7f0ff14beb2c7e61d280f8c63aac6e278a3e34eb2470530a2d95
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 739
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyn90obRrDk82Ek14E2qy1rAZL
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124050035F6656D63E282DEA1FA97
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2fed62095ad3edeb738170725314ee0c14520303caae780e220444ca9615fd8c6fa0de8e2e0b6de41ff3ffb299ce7b4c541e9488f25fd1e17c05262d4355a75ed3
x-origin-response-time: 87,104.96.220.135
x-akamai-request-id: 1ee41a62.653f8c03
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-135.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=87, inner; dur=80
x-parent-response-time: 188,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 784
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyn8xlPU1jdwd2a4XmjdWuo5ie
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022112405003505BFD419D695019BAC00
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2fdc973c69a76d26a6c26f9537850a4f96abe9d7fff967430f1409f59e6a342bc4acdc600aeefccc2d18a1343dadc274c5a510bd96669a3f24d361951c78d60785
x-origin-response-time: 80,104.96.220.13
x-akamai-request-id: 22ec7699.653f8c1c
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=80, inner; dur=78
x-parent-response-time: 178,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 813
Cache-Control: max-age=121049
Date: Thu, 24 Nov 2022 05:00:36 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 14:38:05 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:58:48 GMT
expires: Thu, 23 Nov 2023 14:58:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 50508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 04:41:08 GMT
expires: Thu, 24 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 1168
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Avj1IhT9XHzUGjKke+wa+bhcYEVHUFdKNzn8zYZ9QMmeI2idE/H8Ue7CPsDUPf+FdGT3MCZJ9Ysp26GspH1CXw==
content-length: 27340
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 05:00:36 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 813
Cache-Control: max-age=121049
Date: Thu, 24 Nov 2022 05:00:36 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 14:38:05 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /cart/recomm HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjVEQU9TdkZKWmg4UTlyanoxdXBvdHc9PSIsInZhbHVlIjoiRU5qRmRyZnhMXC9jdTlFSU4xUmZtbnZNcE0xRDduNklCMWZOQ0hEaVZzdm5XdjVFdnhoTitcL3gyVDlGXC92OUNSd0RzcUNvdVwvcFwvbklhUDFtMkFTWmthUT09IiwibWFjIjoiOGUzZTJiMDhlNWI2OTFmYTkwYjJmNzNjMTI5ODFmZWZiYTY3OWI1OTVkYWIwNTBkMzVjNmQ4MzliYWRlYjE3MiJ9; bubbstore_checkout=eyJpdiI6IlozampzSEdudEVyYjg4VzBqeU5qYVE9PSIsInZhbHVlIjoiWjAxRjFsR29JcXJDdGVUTEZWeUpnXC9iZlVJeDF0eSs3ZytpdWpwdzdvK1FTdVwveHliSEFrZnpBTzNvZ012ZDlSamczWjVzeDVQc1JZbDM3aG9QRDZTZz09IiwibWFjIjoiNzY0OGU0ZmRhMDdmZGIwMDcxMGVjNzA4ZDcxYjQ1ZDhiNDdiYWI3ZTI3MDRlMTkzNzQzNWNiZmZiN2EwNjkwZSJ9; caixa-misteriosa9_cart=eyJpdiI6ImpIZWJZMW1MRktyUWo4UGh2Q2tSUlE9PSIsInZhbHVlIjoiNHoyaG1mMWJCSU9LQjNMa2hmTVgxZXJxdEd1bE5HRkwrMXpiYXB1QktYT3JqV3lxM1NCR3E0VU1HMTFxd2s3UVBmKzVrbG9FeDdtT3d3bXRUXC9YNUF3PT0iLCJtYWMiOiI0ODY3ZGU3Nzc4MGJkNmUxNWY1MGU3NDg4OTg4NmI0MzVlOTliNTIzY2M3ZjYyZWNlNmFjYWU1NjM2OWE3NjA3In0%3D; cart_auth_282511367=eyJpdiI6IjczSmlJYmI2TmJlSnhiMEMrbEY4VHc9PSIsInZhbHVlIjoiMUVzOXBNU1wvczd1RDRqWUpJdEk5c0xhU2duekJrcDZ1aXBcL0JCNUxlYmNIbld3YnNNWE90eFhweFdySEFyYWFQa3JvXC9cL3FMUHhcL2VWM0E2Z2kxdExwamo0OVJqYlRmQ1drczh6bHAwMFNaQVR2akRtZzY1c0NyOHgrMFdlZHQxeGhPaVwvN0FPR1RUbHNGbkFWZTJFUGx4TExEYjV0bDZXa1VcL2pZS3BEeTh6ZERWeTloQytHdFVTbmNMeEhkZFcyZW9OSEZTTEZRTHdWQUxpWXhXUmFydCsyeXZwYkZDTDlcL0FYdVRUR0JpaTIrUTI1NVlZV1RGVHhVOExkdTFXWUpIbzc2TGowK3BZUGIxNGRBNnY4azdxSEFqUXpNekhrXC96Q3NwV09mSmFybmJkODUrQTdTTkI4VTFiclVoMlB0MVA2akRHZTlcL0pqSlQ5S3RrYVwvbUxyVm9sVjM2K0FLckNValRcL25BNDJIbkZCWFQ2dGQ1T2pBMnVCSXVTazFCOEZEYXBvUEZjZDNXckVhRjRVcXc2UEg1MmhaZmJqczBcL1wvSERmaVJHc0l6M05oZThOWFpMakM2WmdQSjBjakZtclQ3bFV4NzREbGdaNmxPNFZzdkduVFB4UUJBQWVZRXVKd3pUdFwvV0ljaXJzYXpRcXdacVhJT2JCR3NtRHl3WTRtWWhSQ0JVM2NJcWVOMmVnems0XC9GaGdNQjhQZ2hnN2hyYnk5a281VEh2OGZNb1MyRFRISHFyZGdmeXBYeEwzZk9RYjBGdlwvdDBsN2R3RUNQemlhYnQ3UW9BPT0iLCJtYWMiOiIyYjU5MTAwYTU1Mzg2NGMzYTBmMDM1YjNhOTRkYmI2YmFmMGVjNjgyMDAwZWRlMzBlMTgxNjk4MTFhMzY4NjliIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         170.82.173.30
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IndXWm5VakhyRVpNdzdPZVQ3WWVwUGc9PSIsInZhbHVlIjoialY2OHFhMytvd2ErbDNQcDBCeGx0akRKenVJaU0rdGNudkdOK1F3cnZwVjBhSkxwVXBjbVRmREs2QnV3NDY3S3BveVQzOUlwNzFGVlMzNkF4RDkxOEE9PSIsIm1hYyI6ImNlZDM4NTFhYjA4NDc1ZDljMzNmYWMzYTIwODVmMjc0MDc5OTZmM2Q3YWJjMmMwYjFiZGEzYWM2NTEzYTEzY2IifQ%3D%3D; expires=Thu, 24-Nov-2022 08:00:35 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6ImJndWtwemxCM2FxRFB0V081Z212eFE9PSIsInZhbHVlIjoibUY0K1pzUlcwVmY1SWJEYnRnV2pocitieVZIOFd1cGJQS1VPNDBmd3U4MHh5SjRcLzZRbEF2NFRmcWRnbTZCU3NpOEJTY2w3RjJYRmZMY05cL003ZDJOUT09IiwibWFjIjoiZTAzMGFkOGViNmQwMTU4MDUwNzJmYzU2ZmFiNmJmOWY4OTk2YzRmNGY3NDg1ZDlhOTA1Yzc0NjM0NmIzNTVhZSJ9; expires=Thu, 24-Nov-2022 08:00:35 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (720), with no line terminators
Size:   448
Md5:    52dba393b50174ea18d28a28d044d666
Sha1:   961b0fee260a422f8bd01b2cb7fdc507b79678b4
Sha256: da85a7b008d7f009dce3de4ccdbd21af53196f3b2829610f8a284019ff96a524

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /e/t HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 376
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjVEQU9TdkZKWmg4UTlyanoxdXBvdHc9PSIsInZhbHVlIjoiRU5qRmRyZnhMXC9jdTlFSU4xUmZtbnZNcE0xRDduNklCMWZOQ0hEaVZzdm5XdjVFdnhoTitcL3gyVDlGXC92OUNSd0RzcUNvdVwvcFwvbklhUDFtMkFTWmthUT09IiwibWFjIjoiOGUzZTJiMDhlNWI2OTFmYTkwYjJmNzNjMTI5ODFmZWZiYTY3OWI1OTVkYWIwNTBkMzVjNmQ4MzliYWRlYjE3MiJ9; bubbstore_checkout=eyJpdiI6IlozampzSEdudEVyYjg4VzBqeU5qYVE9PSIsInZhbHVlIjoiWjAxRjFsR29JcXJDdGVUTEZWeUpnXC9iZlVJeDF0eSs3ZytpdWpwdzdvK1FTdVwveHliSEFrZnpBTzNvZ012ZDlSamczWjVzeDVQc1JZbDM3aG9QRDZTZz09IiwibWFjIjoiNzY0OGU0ZmRhMDdmZGIwMDcxMGVjNzA4ZDcxYjQ1ZDhiNDdiYWI3ZTI3MDRlMTkzNzQzNWNiZmZiN2EwNjkwZSJ9; caixa-misteriosa9_cart=eyJpdiI6ImpIZWJZMW1MRktyUWo4UGh2Q2tSUlE9PSIsInZhbHVlIjoiNHoyaG1mMWJCSU9LQjNMa2hmTVgxZXJxdEd1bE5HRkwrMXpiYXB1QktYT3JqV3lxM1NCR3E0VU1HMTFxd2s3UVBmKzVrbG9FeDdtT3d3bXRUXC9YNUF3PT0iLCJtYWMiOiI0ODY3ZGU3Nzc4MGJkNmUxNWY1MGU3NDg4OTg4NmI0MzVlOTliNTIzY2M3ZjYyZWNlNmFjYWU1NjM2OWE3NjA3In0%3D; cart_auth_282511367=eyJpdiI6IjczSmlJYmI2TmJlSnhiMEMrbEY4VHc9PSIsInZhbHVlIjoiMUVzOXBNU1wvczd1RDRqWUpJdEk5c0xhU2duekJrcDZ1aXBcL0JCNUxlYmNIbld3YnNNWE90eFhweFdySEFyYWFQa3JvXC9cL3FMUHhcL2VWM0E2Z2kxdExwamo0OVJqYlRmQ1drczh6bHAwMFNaQVR2akRtZzY1c0NyOHgrMFdlZHQxeGhPaVwvN0FPR1RUbHNGbkFWZTJFUGx4TExEYjV0bDZXa1VcL2pZS3BEeTh6ZERWeTloQytHdFVTbmNMeEhkZFcyZW9OSEZTTEZRTHdWQUxpWXhXUmFydCsyeXZwYkZDTDlcL0FYdVRUR0JpaTIrUTI1NVlZV1RGVHhVOExkdTFXWUpIbzc2TGowK3BZUGIxNGRBNnY4azdxSEFqUXpNekhrXC96Q3NwV09mSmFybmJkODUrQTdTTkI4VTFiclVoMlB0MVA2akRHZTlcL0pqSlQ5S3RrYVwvbUxyVm9sVjM2K0FLckNValRcL25BNDJIbkZCWFQ2dGQ1T2pBMnVCSXVTazFCOEZEYXBvUEZjZDNXckVhRjRVcXc2UEg1MmhaZmJqczBcL1wvSERmaVJHc0l6M05oZThOWFpMakM2WmdQSjBjakZtclQ3bFV4NzREbGdaNmxPNFZzdkduVFB4UUJBQWVZRXVKd3pUdFwvV0ljaXJzYXpRcXdacVhJT2JCR3NtRHl3WTRtWWhSQ0JVM2NJcWVOMmVnems0XC9GaGdNQjhQZ2hnN2hyYnk5a281VEh2OGZNb1MyRFRISHFyZGdmeXBYeEwzZk9RYjBGdlwvdDBsN2R3RUNQemlhYnQ3UW9BPT0iLCJtYWMiOiIyYjU5MTAwYTU1Mzg2NGMzYTBmMDM1YjNhOTRkYmI2YmFmMGVjNjgyMDAwZWRlMzBlMTgxNjk4MTFhMzY4NjliIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im0yMTNhQWEwcjhrckd1ZjBlYm1Bamc9PSIsInZhbHVlIjoiVVhVQ3FxMmgxdWpuMUFMd0crZ1cyek0rdmswNVRCdlJQWjcyaVo4eHQ2T3FQZ1JtcHAwR3FuYU5qdCtpYmQ0YzNkMjVsTk5RUXhHNVN0SjRBQURTM0E9PSIsIm1hYyI6ImU1OTYxNmQxOTk3NWFlNzYxMGQzZWEyZjVlMzY4NjdiMWQ4Zjk5Y2JkYzVkMzg0YTYxYTc0YjQ3YThlZGVhYjEifQ%3D%3D; expires=Thu, 24-Nov-2022 08:00:35 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IklVdWgzQzYwREpDZ1FWT2tjUVRZMWc9PSIsInZhbHVlIjoiTVpaRlNJSytrb0lBZkloRThOMG9aOVZhc3FWRXVGQTB4N1hsTm1VcUY2STd3UEszZUZoYTlyYStSM2V0NFh5NUwxMzBEanJDUDVsYW1JRUJPWVh6YXc9PSIsIm1hYyI6IjAyNTcyYTk1YzdmY2Q0ZTM3ZDg5MmNjMDRmMGIzZjA3YmMxZWRiNzJiZDU3MmI3YzhlZjMzMDI5ZWQxNDVlODgifQ%3D%3D; expires=Thu, 24-Nov-2022 08:00:35 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   492
Md5:    6bea03bb87602412e040b7c167bb8596
Sha1:   c7cfe843202071ee7eefa2ce8860ef0f5ec28254
Sha256: 2b6e62d989cfb25f3d85356d6bfa2cd3e75c696371568529d7f0e3ec68072508

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=2032017265.1669266036&jid=1259189979&gjid=1321976174&_gid=112143032.1669266036&_u=IEDAAAASAAAAAC~&z=577276871 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.150.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://seguro.caixamisteriosa.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 05:00:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 05:00:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /king-assets.yampi.me/dooki/62e95d312bc5a/62e95d312bc60.png HTTP/1.1 
Host: s3.sa-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.95.164.124
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: lAyQ13xWGG67ryHU+LQNmcIgOSUEdODTlIR+gQ5w9jYvrjb8Zbl0PMzJSk7/FKvmYduo8ajwjqw=
x-amz-request-id: 2JM32YF0RGABJ24M
Date: Thu, 24 Nov 2022 05:00:36 GMT
Last-Modified: Tue, 02 Aug 2022 17:21:54 GMT
ETag: "42653495a27a747f3deff05ead6ab0f1"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 190952


--- Additional Info ---
Magic:  PNG image data, 1628 x 1083, 8-bit/color RGBA, non-interlaced\012- data
Size:   190952
Md5:    42653495a27a747f3deff05ead6ab0f1
Sha1:   7f774f610fb12f312daeb5d49c5cc88af7dd1dc1
Sha256: 3ce6c07440b880752a44c423832b8a6691d7b22898871e08b38f0abe62b92fc4
                                        
                                            GET /jquery/jquery.js HTTP/1.1 
Host: cdn.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.3.88
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-amz-id-2: 6rUk2JDrWUHbmSyZclIHS8+VegbRVfihQeD4Jd8T/P/up0mCsSmBDVs4VTCyH3Q5VekHaZtZrug=
x-amz-request-id: BGZG7S6KVW8D2S4Q
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyKrzkDp%2B0tibOV9nwp8iasYoi2b8veXGP%2FrmYbleK8WY%2FhK9tQoQu%2Ff3SATKASaNXGQxt4zpQi1mcp76xWzkbet966%2FYyBFtvr2wqPqRPSnQl3FGdyLuuP3%2BS%2BO0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94ef2b2eb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 05:00:35 GMT
date: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /ana/ana.min.js?t=1669334400000 HTTP/1.1 
Host: cdn.yampi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.14.227
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-amz-id-2: YYcFlHvBsjZMxS9pNosiFSJszKXyIQM//8jhHBR1C7WdA0LhW23x6LnOHZRkaZBR+AdDW+U7TgI=
x-amz-request-id: 77211RQ8TENBBWG7
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 3612
expires: Fri, 24 Nov 2023 05:00:35 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94f068950b65-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CDK4VU3C77U9GFT2SN80&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240500355DCBFD81BF5030A1E23A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2f7bc596810103aa7bddff1330013f5877bad875b4412f2bbc277f96d890da4eb1865a5494303f15b62625480351c2d9026662c65a3556ea8a5ebbd6f9b36632ce
content-encoding: gzip
x-origin-response-time: 6,104.96.220.87
x-akamai-request-id: 20967eee.653f89fc
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-87.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=132, origin; dur=6, inner; dur=3
x-parent-response-time: 138,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /e/t HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 368
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjVEQU9TdkZKWmg4UTlyanoxdXBvdHc9PSIsInZhbHVlIjoiRU5qRmRyZnhMXC9jdTlFSU4xUmZtbnZNcE0xRDduNklCMWZOQ0hEaVZzdm5XdjVFdnhoTitcL3gyVDlGXC92OUNSd0RzcUNvdVwvcFwvbklhUDFtMkFTWmthUT09IiwibWFjIjoiOGUzZTJiMDhlNWI2OTFmYTkwYjJmNzNjMTI5ODFmZWZiYTY3OWI1OTVkYWIwNTBkMzVjNmQ4MzliYWRlYjE3MiJ9; bubbstore_checkout=eyJpdiI6IlozampzSEdudEVyYjg4VzBqeU5qYVE9PSIsInZhbHVlIjoiWjAxRjFsR29JcXJDdGVUTEZWeUpnXC9iZlVJeDF0eSs3ZytpdWpwdzdvK1FTdVwveHliSEFrZnpBTzNvZ012ZDlSamczWjVzeDVQc1JZbDM3aG9QRDZTZz09IiwibWFjIjoiNzY0OGU0ZmRhMDdmZGIwMDcxMGVjNzA4ZDcxYjQ1ZDhiNDdiYWI3ZTI3MDRlMTkzNzQzNWNiZmZiN2EwNjkwZSJ9; caixa-misteriosa9_cart=eyJpdiI6ImpIZWJZMW1MRktyUWo4UGh2Q2tSUlE9PSIsInZhbHVlIjoiNHoyaG1mMWJCSU9LQjNMa2hmTVgxZXJxdEd1bE5HRkwrMXpiYXB1QktYT3JqV3lxM1NCR3E0VU1HMTFxd2s3UVBmKzVrbG9FeDdtT3d3bXRUXC9YNUF3PT0iLCJtYWMiOiI0ODY3ZGU3Nzc4MGJkNmUxNWY1MGU3NDg4OTg4NmI0MzVlOTliNTIzY2M3ZjYyZWNlNmFjYWU1NjM2OWE3NjA3In0%3D; cart_auth_282511367=eyJpdiI6IjczSmlJYmI2TmJlSnhiMEMrbEY4VHc9PSIsInZhbHVlIjoiMUVzOXBNU1wvczd1RDRqWUpJdEk5c0xhU2duekJrcDZ1aXBcL0JCNUxlYmNIbld3YnNNWE90eFhweFdySEFyYWFQa3JvXC9cL3FMUHhcL2VWM0E2Z2kxdExwamo0OVJqYlRmQ1drczh6bHAwMFNaQVR2akRtZzY1c0NyOHgrMFdlZHQxeGhPaVwvN0FPR1RUbHNGbkFWZTJFUGx4TExEYjV0bDZXa1VcL2pZS3BEeTh6ZERWeTloQytHdFVTbmNMeEhkZFcyZW9OSEZTTEZRTHdWQUxpWXhXUmFydCsyeXZwYkZDTDlcL0FYdVRUR0JpaTIrUTI1NVlZV1RGVHhVOExkdTFXWUpIbzc2TGowK3BZUGIxNGRBNnY4azdxSEFqUXpNekhrXC96Q3NwV09mSmFybmJkODUrQTdTTkI4VTFiclVoMlB0MVA2akRHZTlcL0pqSlQ5S3RrYVwvbUxyVm9sVjM2K0FLckNValRcL25BNDJIbkZCWFQ2dGQ1T2pBMnVCSXVTazFCOEZEYXBvUEZjZDNXckVhRjRVcXc2UEg1MmhaZmJqczBcL1wvSERmaVJHc0l6M05oZThOWFpMakM2WmdQSjBjakZtclQ3bFV4NzREbGdaNmxPNFZzdkduVFB4UUJBQWVZRXVKd3pUdFwvV0ljaXJzYXpRcXdacVhJT2JCR3NtRHl3WTRtWWhSQ0JVM2NJcWVOMmVnems0XC9GaGdNQjhQZ2hnN2hyYnk5a281VEh2OGZNb1MyRFRISHFyZGdmeXBYeEwzZk9RYjBGdlwvdDBsN2R3RUNQemlhYnQ3UW9BPT0iLCJtYWMiOiIyYjU5MTAwYTU1Mzg2NGMzYTBmMDM1YjNhOTRkYmI2YmFmMGVjNjgyMDAwZWRlMzBlMTgxNjk4MTFhMzY4NjliIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im10UEJrOXZucmM3YVNzKzZUeDVINmc9PSIsInZhbHVlIjoiN25MdndJQVdmcXQ1RElYUnB4K21LOFk0cEVVVmVnc1JZeCtQWktCYm5xbGcxQndwMEZxZ2xIUWVxenRZQTN2bDNyZWZvTmIyUDFyckh1ZmdsbjBXYlE9PSIsIm1hYyI6IjU1MGIxNzc4YzE3YzBhZGMzZmRlZjE2NDNkYmRiZmIyNGRlNzk4NTU0NmY2MDgxYjJmYTI0MWE5NDI0MTYzYjcifQ%3D%3D; expires=Thu, 24-Nov-2022 08:00:35 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6ImQ0Slc0Rkk4eEFaUW13dmpNZXBpTmc9PSIsInZhbHVlIjoiSzI4UFZqdDNORndJMHFXcDQ3dkJZNmFFTHpST2haWjRsazFxa3JCTHI4V3NkZExraHZtNkhxYTF6N2tEME5HRkRic2tjVnVXYndoY05lSFAwT0xDT3c9PSIsIm1hYyI6ImFmNzVkODQ2ZmU2Mjk4NjA1ODA4YjY1MTlhOTJhODkwZjQyOGE5NDRmNWQ1MzZmYjg4ZDk3MzczYmQwMmQ1ZjEifQ%3D%3D; expires=Thu, 24-Nov-2022 08:00:35 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.3.88
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-amz-id-2: YA1eDbyiFw9F7lvoHKFMrUFI+rzs4fWeaPTK8HBrcIojzp1Ze0GAqZwjGyO3EOKzm5Y2nWL5dqs=
x-amz-request-id: P208087TQ0JZ3MS4
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: 5lxShk4xe0C8IXXkoQQWK8S_0jFPf.GV
etag: W/"78c7a473b51f1cc2067d1b8860950b25"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TgY9tG31ZH3g2EvygmdB5p2kc9Y0qowb%2BXDOvcmpPm8LG1cf1iFE5fcAnGq0%2Bo1sh65dUABmYxO96McgN8wq%2BWjIAUpbFgd1KeYDRfNOyMPrK92XfjTrmHXIqVPEFGEEQYag5kgFKiL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94eedaf3b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=419295709021341305&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221124050035191EC5CDA96F2C951598
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2f77751791c18269b4cd075cbc5db8b163b51d10572dff261208d0b362dc8c88d84bf19c2ed9695d645b8a543baf4303391f7fd6274337c57af32c07c19f2e4fc7
content-encoding: gzip
x-origin-response-time: 6,104.96.220.52
x-akamai-request-id: 32bf328.653f89f9
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
x-parent-response-time: 105,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/address HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InhrSWVzWVwvN0h1bXk0ZnFGMDhFc1NBPT0iLCJ2YWx1ZSI6Im9RcncxbGk5RzAyZmljeVBCS0xYWFBmUXh6YnllMlhpdlAzV0JTSFRvZjJVaXF0MkNGb0M2XC9zTlhmazhYVHh1a040QTJtc3ptSnNOd01TZDcxRlIzZz09IiwibWFjIjoiZmE5NmI4ZWY2NzEzYTE1NjgyN2ViOWUyNzA2ZDBkMjhjYTI1NDAyYzlmNjMxZDliZWQwY2RhOTFjZWQ1MTVhNCJ9; bubbstore_checkout=eyJpdiI6IjJzbk5QNDNEbkFoUFhQKzhaa0hLRVE9PSIsInZhbHVlIjoiRW1NeU5nQ3p4XC93cVJGdGdIbHZNbnd0TENKZzl4Y2FvZHU3ZnJzd29GK25hWEJHU0NXUjZyM1ZqT1BNMGdTUUgxZWM0TjlLVTBoTHRLVmdUbDVLTktnPT0iLCJtYWMiOiI1ZmRhNzg0NGE1ZmYxODU4NzRmOTc2YWNhNDgwMDcxMGM5NTRjOGM5MTExYzMwNjNiZDQxN2RiZDM1M2NkYWY4In0%3D; caixa-misteriosa9_cart=eyJpdiI6ImpIZWJZMW1MRktyUWo4UGh2Q2tSUlE9PSIsInZhbHVlIjoiNHoyaG1mMWJCSU9LQjNMa2hmTVgxZXJxdEd1bE5HRkwrMXpiYXB1QktYT3JqV3lxM1NCR3E0VU1HMTFxd2s3UVBmKzVrbG9FeDdtT3d3bXRUXC9YNUF3PT0iLCJtYWMiOiI0ODY3ZGU3Nzc4MGJkNmUxNWY1MGU3NDg4OTg4NmI0MzVlOTliNTIzY2M3ZjYyZWNlNmFjYWU1NjM2OWE3NjA3In0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 05:00:34 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjVEQU9TdkZKWmg4UTlyanoxdXBvdHc9PSIsInZhbHVlIjoiRU5qRmRyZnhMXC9jdTlFSU4xUmZtbnZNcE0xRDduNklCMWZOQ0hEaVZzdm5XdjVFdnhoTitcL3gyVDlGXC92OUNSd0RzcUNvdVwvcFwvbklhUDFtMkFTWmthUT09IiwibWFjIjoiOGUzZTJiMDhlNWI2OTFmYTkwYjJmNzNjMTI5ODFmZWZiYTY3OWI1OTVkYWIwNTBkMzVjNmQ4MzliYWRlYjE3MiJ9; expires=Thu, 24-Nov-2022 08:00:34 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IlozampzSEdudEVyYjg4VzBqeU5qYVE9PSIsInZhbHVlIjoiWjAxRjFsR29JcXJDdGVUTEZWeUpnXC9iZlVJeDF0eSs3ZytpdWpwdzdvK1FTdVwveHliSEFrZnpBTzNvZ012ZDlSamczWjVzeDVQc1JZbDM3aG9QRDZTZz09IiwibWFjIjoiNzY0OGU0ZmRhMDdmZGIwMDcxMGVjNzA4ZDcxYjQ1ZDhiNDdiYWI3ZTI3MDRlMTkzNzQzNWNiZmZiN2EwNjkwZSJ9; expires=Thu, 24-Nov-2022 08:00:34 GMT; Max-Age=10800; path=/; httponly cart_auth_282511367=eyJpdiI6IjczSmlJYmI2TmJlSnhiMEMrbEY4VHc9PSIsInZhbHVlIjoiMUVzOXBNU1wvczd1RDRqWUpJdEk5c0xhU2duekJrcDZ1aXBcL0JCNUxlYmNIbld3YnNNWE90eFhweFdySEFyYWFQa3JvXC9cL3FMUHhcL2VWM0E2Z2kxdExwamo0OVJqYlRmQ1drczh6bHAwMFNaQVR2akRtZzY1c0NyOHgrMFdlZHQxeGhPaVwvN0FPR1RUbHNGbkFWZTJFUGx4TExEYjV0bDZXa1VcL2pZS3BEeTh6ZERWeTloQytHdFVTbmNMeEhkZFcyZW9OSEZTTEZRTHdWQUxpWXhXUmFydCsyeXZwYkZDTDlcL0FYdVRUR0JpaTIrUTI1NVlZV1RGVHhVOExkdTFXWUpIbzc2TGowK3BZUGIxNGRBNnY4azdxSEFqUXpNekhrXC96Q3NwV09mSmFybmJkODUrQTdTTkI4VTFiclVoMlB0MVA2akRHZTlcL0pqSlQ5S3RrYVwvbUxyVm9sVjM2K0FLckNValRcL25BNDJIbkZCWFQ2dGQ1T2pBMnVCSXVTazFCOEZEYXBvUEZjZDNXckVhRjRVcXc2UEg1MmhaZmJqczBcL1wvSERmaVJHc0l6M05oZThOWFpMakM2WmdQSjBjakZtclQ3bFV4NzREbGdaNmxPNFZzdkduVFB4UUJBQWVZRXVKd3pUdFwvV0ljaXJzYXpRcXdacVhJT2JCR3NtRHl3WTRtWWhSQ0JVM2NJcWVOMmVnems0XC9GaGdNQjhQZ2hnN2hyYnk5a281VEh2OGZNb1MyRFRISHFyZGdmeXBYeEwzZk9RYjBGdlwvdDBsN2R3RUNQemlhYnQ3UW9BPT0iLCJtYWMiOiIyYjU5MTAwYTU1Mzg2NGMzYTBmMDM1YjNhOTRkYmI2YmFmMGVjNjgyMDAwZWRlMzBlMTgxNjk4MTFhMzY4NjliIn0%3D; expires=Thu, 24-Nov-2022 05:10:34 GMT; Max-Age=600; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /fa/4.7.0/fa.css HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.0.53
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 1811
expires: Fri, 02 Dec 2022 05:00:35 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94eebb090b3d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/config.js?sdkid=CDK4VU3C77U9GFT2SN80&hostname=seguro.caixamisteriosa.net HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221124050035B8B829E4E5AACE9AE5D4
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b52177d8e4a1bce6fbca3153671f23c2f6ac1952d17fe70a1d1e10b2b306a65f8ffcaaf6351ae6ccc34f9495cdc1895d7ab083c503689ae3c84a5b5fd92923bce6
content-encoding: gzip
x-origin-response-time: 5,23.218.223.22
x-akamai-request-id: cff68c05.653f8b66
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-22.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=5, inner; dur=3
x-parent-response-time: 105,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/config.js?sdkid=419295709021341305&hostname=seguro.caixamisteriosa.net HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221124050035D19B4E3C7F28089B2BB0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2fd206d1952ba4be222eed9758215218fca3a754382b8c10f73195f329e32624223973746eafdbc2dbdd045a20e530b062058ac1290c14c7f40465e1c06077bcc2
content-encoding: gzip
x-origin-response-time: 8,104.96.220.30
x-akamai-request-id: 293e7ae.653f8b6a
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Hyn90obRrDk82Ek14E2qy1rAZL; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-96-220-30.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=8, inner; dur=6
x-parent-response-time: 108,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/payment?cart_token=dcccfb70-6b9e-11ed-8c0d-0209f11817a0-637ed56d2b722&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=cb1d01f0-6b9e-11ed-ba77-3dc58798b9bc HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         170.82.173.30
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 05:00:33 GMT
location: https://seguro.caixamisteriosa.net/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InhrSWVzWVwvN0h1bXk0ZnFGMDhFc1NBPT0iLCJ2YWx1ZSI6Im9RcncxbGk5RzAyZmljeVBCS0xYWFBmUXh6YnllMlhpdlAzV0JTSFRvZjJVaXF0MkNGb0M2XC9zTlhmazhYVHh1a040QTJtc3ptSnNOd01TZDcxRlIzZz09IiwibWFjIjoiZmE5NmI4ZWY2NzEzYTE1NjgyN2ViOWUyNzA2ZDBkMjhjYTI1NDAyYzlmNjMxZDliZWQwY2RhOTFjZWQ1MTVhNCJ9; expires=Thu, 24-Nov-2022 08:00:33 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IjJzbk5QNDNEbkFoUFhQKzhaa0hLRVE9PSIsInZhbHVlIjoiRW1NeU5nQ3p4XC93cVJGdGdIbHZNbnd0TENKZzl4Y2FvZHU3ZnJzd29GK25hWEJHU0NXUjZyM1ZqT1BNMGdTUUgxZWM0TjlLVTBoTHRLVmdUbDVLTktnPT0iLCJtYWMiOiI1ZmRhNzg0NGE1ZmYxODU4NzRmOTc2YWNhNDgwMDcxMGM5NTRjOGM5MTExYzMwNjNiZDQxN2RiZDM1M2NkYWY4In0%3D; expires=Thu, 24-Nov-2022 08:00:33 GMT; Max-Age=10800; path=/; httponly caixa-misteriosa9_cart=eyJpdiI6ImpIZWJZMW1MRktyUWo4UGh2Q2tSUlE9PSIsInZhbHVlIjoiNHoyaG1mMWJCSU9LQjNMa2hmTVgxZXJxdEd1bE5HRkwrMXpiYXB1QktYT3JqV3lxM1NCR3E0VU1HMTFxd2s3UVBmKzVrbG9FeDdtT3d3bXRUXC9YNUF3PT0iLCJtYWMiOiI0ODY3ZGU3Nzc4MGJkNmUxNWY1MGU3NDg4OTg4NmI0MzVlOTliNTIzY2M3ZjYyZWNlNmFjYWU1NjM2OWE3NjA3In0%3D; expires=Tue, 29-Nov-2022 05:00:33 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CDUVI73C77UAFLPMLING&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221124050035D496C125CCAB63947C69
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6091d2ba70cbdaa374c438cfb528c66f2f7bc596810103aa7bddff1330013f5877e35f731bc9824ab02159e58c84870348ede4541f58fd6d03d423229021c828b089de10ecf83b2be66cd8c1d4b6cde902
content-encoding: gzip
x-origin-response-time: 8,104.96.220.87
x-akamai-request-id: 20967efc.653f8a00
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-87.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=7, inner; dur=4
x-parent-response-time: 107,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CDK4CUJC77UEMNFPVPVG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022112405003554797755D5CA9B984EB9
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b50541862bcd00cee904deb0fac27472df4fb20272069041ee500269a44bcb05529a68166630955947eb894c882d9826a8f288ce4a4f75fadefa36880bd32ce2f0
content-encoding: gzip
x-origin-response-time: 11,23.218.223.9
x-akamai-request-id: 3201108a.653f89f1
expires: Thu, 24 Nov 2022 05:00:35 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 05:00:35 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-9.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=129, origin; dur=11, inner; dur=3
x-parent-response-time: 140,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.3.88
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 05:00:35 GMT
x-amz-id-2: NRHsa6qucHQaiD3sC5dsd4mSTMl5ptA1rb1WB9pZudapWSWc7E9FXAqQiJ6YpdV9UR90y0pT+ZM=
x-amz-request-id: P200TN7ZJ2GWP78Q
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: vBH8I8U4Fk_cBjCH4K7uyIx8AtomnPkt
etag: W/"634f1880f47f3e97d885f3f34d5bf07b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyuqPIdcfyadLeVfvoCmHiIkRy9AAWHrLqyqOtpitga%2FNwJnbgjQAsqlaTWrTDeV9Nik1uWyGnwekJ1MIjCJUT2VP3O0X1psuNLiQS1fssj0Q91LTJHicod98ILsIpJdzoZwO%2BrItThT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef94eeeb02b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---