| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7181eff9c60e83eb0004ece591e47dca 0fd8cd0c9d10b0547938982e57d2c43e2d98679f 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4647
Expires: Thu, 08 Dec 2022 07:13:58 GMT
Date: Thu, 08 Dec 2022 05:56:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash388f6fea5bafa378266622b72311a6ee 447f102dc12172ce1ba44c5e94e1d7bb49d43372 a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7145
Expires: Thu, 08 Dec 2022 07:55:36 GMT
Date: Thu, 08 Dec 2022 05:56:31 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 05:08:09 GMT
content-type: application/json
age: 2902
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash00e7703bd74975689fc9050356aaca6b 9788fe6a36d6f278e8da329ebc5dd87bcd212317 593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15779
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 05:56:31 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dBAdVHpvug4jYxBE5azzvVPFtqO4vmImE07ArKDOfUNZzVMhDsAfLcQg6C3ctEkp/hZcVGUuYto=
x-amz-request-id: AS5TJ1W5VQ5AJHT9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 05:47:48 GMT
age: 523
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| seguro.geniodescontos.com/ | 170.82.174.30 | 301 Moved Permanently | 134 B |
URL HTTP/1.1seguro.geniodescontos.com/ IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: seguro.geniodescontos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 05:56:31 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.geniodescontos.com:443/
X-GoCache-CacheStatus: BYPASS
Server: gocache
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:56:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 05:07:55 GMT
age: 2917
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash9c552dc846896054946423449672adbf 3b7bd4416bdfe90ffdd506de8a699b562200244f a94303c3c7e10808fbccb0113a8ab8954ac88c94d7511653efc38059bf816144
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A94303C3C7E10808FBCCB0113A8AB8954AC88C94D7511653EFC38059BF816144"
Last-Modified: Thu, 08 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Thu, 08 Dec 2022 11:55:41 GMT
Date: Thu, 08 Dec 2022 05:56:32 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash053aff7451e55d4269dd9610ab070f3f b3376256d11d159b0c7280ba1515b78d7d9e12ca 24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3848
Cache-Control: max-age=101666
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:32 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:10:58 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.186.169.128 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.186.169.128:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aKa8/F2AM989LRpU8oesnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L6wSY1+VP+VPFWpu1gA8r8LKi/A=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7b8c1870f03a90aac6370fc69516f95f 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3210
Expires: Thu, 08 Dec 2022 06:50:03 GMT
Date: Thu, 08 Dec 2022 05:56:33 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7b8c1870f03a90aac6370fc69516f95f 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3210
Expires: Thu, 08 Dec 2022 06:50:03 GMT
Date: Thu, 08 Dec 2022 05:56:33 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8c94003641bb5a7595e7004f80f95d22 3446450df60d732f9021d5bfd5f5f7c6c870d9ec 4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 23998
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash24d89b69ba37bf23c5d576aff4063caf 3d46a21b4da571d7e4962e335c18a28ca5f81ecf 09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 24228
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3cbac0c7e45d3f33c38dbf3af4de05ba e9106fec14ddda290951c61eda64a69ada9a244a 98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 17:39:05 GMT
age: 44249
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| seguro.geniodescontos.com/ | 170.82.174.30 | 302 Found | 9.0 kB |
URL HTTP/2seguro.geniodescontos.com/ IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hashb01934f458181c316c714c5005a1f2f5 6320281ba897f0159f64d63dc1768b73c6b8cbf6 c6715324f73c1cd64e94616dfee6ec8ec0d303adcea6d3a801c86c7a43d86a4d
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: seguro.geniodescontos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 08 Dec 2022 05:56:33 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.geniodescontos.com/cart
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InVtb3RFV2hpZDJNNjlFOVVQWnY5bXc9PSIsInZhbHVlIjoiOXQ2NkZFMVVGOEZPR2JUdWF3aUlPT0t5bDh0alJ1WXJJTWtvWnd4dkNxYkI3aU5qaURISnBhYUQ0b3BPdmlkVXhJVnZBNzFIVW9sOVVCekFXQjh2dnc9PSIsIm1hYyI6ImVlYzI5YTZjYmVmYzgzZDQxZmUyYTgxNTI5YThhYjc2ZDM4Zjg1OGFlYTZmZmVlMDJkODliYTRhMWJiMzU2MGEifQ%3D%3D; expires=Thu, 08-Dec-2022 08:56:32 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlJTdzdiZTNGRm1SMTFUMUlBZjdIYlE9PSIsInZhbHVlIjoiNGc0SWdWays2Sngxb25YTU14bDY3QTZzemdrSEc3VTRZekczN0hjc3pIbnFUQ0E2RjlzWjJrd2hGMEI4RHBrbmdYTWV3dkFFU0pVd3hsTnc0NmtUOXc9PSIsIm1hYyI6Ijg5ZjQzM2FhZDQ5ODBjZTUwZDFlMjI0MzViZDFlNDM0Y2U1NGNhMzQwYTM2NTU4ZDk4YzA4NWFhYThjOGQ2MzUifQ%3D%3D; expires=Thu, 08-Dec-2022 08:56:32 GMT; Max-Age=10800; path=/; httponly
geniodescontos_cart=eyJpdiI6InpZOWZSNlwvR2tBUldOMzFtMFBaNEVRPT0iLCJ2YWx1ZSI6InNqOVNaYlAweFArXC8zN1lqb1pYUDhmSTZoVDE0bk9QUHA1MFVha3VJb3hJN3E1NlM1YjdBOXFPNWphV2d6OUh4U2dMa3ErQ1Ixdko5cjJ1TG5YRUVrUT09IiwibWFjIjoiODA1NDBkMDk0YmQwN2NhOWI5MDhiY2I4ZGM5NTJjZmY5Mzk4ZTcyZDdlYTgxMzk2MzgzMzNlYTAxOTAwOGUyOSJ9; expires=Tue, 13-Dec-2022 05:56:32 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4884ce2731d3033b12e4792c1bbf453e 63b6efc98cb04228d82ac28fceb97bb1cf8d82fb 8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 78083
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg | 34.120.237.76 | 200 OK | 4.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash00cdac5a7f801c10e53b8651ceb94c46 d83d7a30038bbf534c531c3786c3458c66d6504a 4d767e2c8aee11a230ecbb4c5c2339a65ca380e87b713f2ad6c1efc02df07238
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: 153e9d72-d9e1-498e-b74b-f4fad27f4efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pHs4oAMFYYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-44aa3006114060145bd0b16d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZsZPiQ026zur9XITdqX8eyH813-2rXyG6RrSLF4pZ4Wtk4mQJZd1SA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 29102
etag: "d83d7a30038bbf534c531c3786c3458c66d6504a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashda956e057260390fdb0f031611642013 9a6e98aab555fffbb13725ed243d0710de42946f bde9720713f98ab261e1c89c5981a26ae8120ba67a48d7e0c7214ebeca9529c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2017
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Last-Modified: Thu, 08 Dec 2022 05:22:57 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashcb4dd119f7430c320eac60b72355bd8c e5694c4e08731720fa303127f2f4b2fe5ab9fba9 116e36f240390df2689f722ba0174ff342f7c6ce3a6b91853342c93def2a0825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6ec5f6261a8262e9f94b29627f54cefe 7ac766cf2ac8c2d960ec033388a767ff8a7d45e2 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash8fa43933082dc6355570357a37d8f283 82a0aa54e90db71c1407008664ed2870eeef0f8e 99d3f3352fc4830d1045187d7150a04f6a965f752abf7234b7203487644a2e03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=119777
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6390ad73-117"
Expires: Fri, 09 Dec 2022 15:12:51 GMT
Last-Modified: Wed, 07 Dec 2022 15:12:51 GMT
Server: nginx
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash78f711ff8066d407896220d52be06a70 35d1af306739c7c6a1baa1644f6c900b9b706173 cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=166926
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6391659e-117"
Expires: Sat, 10 Dec 2022 04:18:40 GMT
Last-Modified: Thu, 08 Dec 2022 04:18:38 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash78f711ff8066d407896220d52be06a70 35d1af306739c7c6a1baa1644f6c900b9b706173 cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=166926
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6391659e-117"
Expires: Sat, 10 Dec 2022 04:18:40 GMT
Last-Modified: Thu, 08 Dec 2022 04:18:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash152c317a59c7a3ea0c990fcca4a1b42b 7bfbb5e40c52500bc37a9fe8c635da128fe5a33e 595fc2fc6a4a8fd902c8fe6e1a6e8277206290e27687ab08c4f030145fc350dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5705
Cache-Control: max-age=86226
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6390141b-118"
Expires: Fri, 09 Dec 2022 05:53:40 GMT
Last-Modified: Wed, 07 Dec 2022 04:18:35 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash78f711ff8066d407896220d52be06a70 35d1af306739c7c6a1baa1644f6c900b9b706173 cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=166926
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6391659e-117"
Expires: Sat, 10 Dec 2022 04:18:40 GMT
Last-Modified: Thu, 08 Dec 2022 04:18:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
|
|
| www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC | 142.250.74.132 | 200 OK | 583 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC IP142.250.74.132:0
File typeASCII text, with very long lines (884), with no line terminators Hash6b3cb5bbe301fdd0a49c69f1f7c55f2b b7718b95e61ec3f794d358fc292dcee74f395dde 505ac8bc7638a897b56c0c13295f4694c8a6830beb4daaea67131ba553b0197b
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 08 Dec 2022 05:56:34 GMT
date: Thu, 08 Dec 2022 05:56:34 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash78f711ff8066d407896220d52be06a70 35d1af306739c7c6a1baa1644f6c900b9b706173 cf44cbe6faf5bf135967c1da36b1f7f4870180767b814ed5c101bcd3f26429b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166924
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6391659e-117"
Expires: Sat, 10 Dec 2022 04:18:38 GMT
Last-Modified: Thu, 08 Dec 2022 04:18:38 GMT
Server: nginx
Content-Length: 279
|
|
| icons.yampi.me/svg/card-elo.svg | 104.26.3.88 | 200 OK | 1.6 kB |
URL HTTP/2icons.yampi.me/svg/card-elo.svg IP104.26.3.88:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1575) Hash98728dcc87fd7dd45c1f4a1dc75c151c 0a6e1a0cbb2cc1d255cc9026bcd4cf97f4c72b20 7f072cba56b071290fa8d25cd0734c05cdec6138b4fdac43fdf161c001573f95
GET /svg/card-elo.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-c43"
expires: Tue, 06 Dec 2022 22:06:28 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 860A:48DA:C481D0:1141E0E:6388F2D8
via: 1.1 varnish
age: 2
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669987625.544549,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: 2102c16660ef18add7da14e6b6c497c79b846521
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82tTNekgS6zAozI1a5eV4xJ6P%2FKhpykw7Ti252LaFWmqDnDaWb4KZLQvebTbcbXtQU%2BqfYv55%2FKLF2a%2FVYshajLoT4j7DYBhHe4jQVrknxXE8RieWpI8TXwZuANiagLQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fbab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-billet.svg | 104.26.3.88 | 200 OK | 711 B |
URL HTTP/2icons.yampi.me/svg/card-billet.svg IP104.26.3.88:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352) Hashe5b027014a703772a19221eed6056b20 f5d3cbb3e784033935e6af41169bf06b3d76abc5 6076e2f0cb772befb58377a86fbdbf2150e46796addf551619c34f7203fe2c9d
GET /svg/card-billet.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-537"
expires: Wed, 07 Dec 2022 21:48:01 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: B624:951E:28C413:39D119:638600D9
via: 1.1 varnish
age: 2
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669737065.338189,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 5ef39e1cfcffe0244c1c66c317e2af13f4ac182c
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY81hcg5P1BiVMi9eefCYcaG3bqMhN5N1ea07fa4aN1Ak32XQed3BHcCchcTrGMWprkyNxqULijG9JSUpRcx%2FyKziO80D3szgJKksaYgYxS6sUHya0bDZxIv4agNjVA2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fc7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-pix.svg | 104.26.3.88 | 200 OK | 1.6 kB |
URL HTTP/2icons.yampi.me/svg/card-pix.svg IP104.26.3.88:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1048) Hash2734ce454452a919f7257d097be78cbe 99f3cc7ca23eb98c6eea9d2446feb1a1a889c0f9 aaf66a868d7fabfeec33eeb00a270730efb7f6dad2ae6f3dc52e4747617cdbd4
GET /svg/card-pix.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-a56"
expires: Wed, 07 Dec 2022 02:59:20 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 766A:13121:3D3E95:3F4A87:63897710
via: 1.1 varnish
age: 2
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669987625.551040,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: a42f2a3ba5266ae17bacd44295b0cf2ffd41a82f
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQcwxrh%2B2zTos%2F2Yqwv8RW%2BtFzIDl1OlEOZenSPj86JoxfVVTCHnbMSe%2B%2F1OgoZ1c7nxjgA8QMr9ZxElseZ4G7VTRi016zKeqXtnpEX64VyZZSUxMiVgDEkabDdowBJ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fbdb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashb9083cdf8a3f174763927ae3e9ca3934 1d1ca843e0517b384f693ff52b55fcafc48f9ee7 0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash21817b6db36f4d8b9553aa0c07b067cf 583df100008d196bd89b6dea970297d289a883e2 b92a874ddad34cee3abb99bc4d999ddf049e22f0408a851a3988b588964724bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116524
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6390a0be-116"
Expires: Fri, 09 Dec 2022 14:18:38 GMT
Last-Modified: Wed, 07 Dec 2022 14:18:38 GMT
Server: nginx
Content-Length: 278
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hasheaf4d51232f487b1786c03513f0e1384 6deb1c0da314cb02ff0b74d547076fd65c578064 1dfeced821bfa8563f8d969c5826d0133f148a2ac447017273c62bfa049f3dda
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140440
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6390ef85-1d7"
Expires: Fri, 09 Dec 2022 20:57:14 GMT
Last-Modified: Wed, 07 Dec 2022 19:54:45 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9pgucCgA_2cfcUo4cfXy8ltXMqzN4FsNSMUHk6UwzeFlbWSGW9nZnA==
Age: 3749
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0e9eef4ed41ef94e9ea175ad243e294e b6f83e508270413dabe55e2884b5409ca7978e24 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 | 142.250.74.35 | 200 OK | 34 kB |
URL HTTP/2fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 34112, version 1.0\012- data Hashc21e7acd53a6d80fa451f1af92d9a492 4096e12b96fa2549e4f169044a49b6ec60214008 6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:42:15 GMT
expires: Thu, 07 Dec 2023 19:42:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
content-type: font/woff2
age: 36859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0e9eef4ed41ef94e9ea175ad243e294e b6f83e508270413dabe55e2884b5409ca7978e24 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash21817b6db36f4d8b9553aa0c07b067cf 583df100008d196bd89b6dea970297d289a883e2 b92a874ddad34cee3abb99bc4d999ddf049e22f0408a851a3988b588964724bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116524
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "6390a0be-116"
Expires: Fri, 09 Dec 2022 14:18:38 GMT
Last-Modified: Wed, 07 Dec 2022 14:18:38 GMT
Server: nginx
Content-Length: 278
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hasha3ee107b7fdef0a7035bda032afd8c77 711e60436b744796ca1248479bd8618b03626297 643c1505fb3c5d0fa275a8880d233b6d21fad52c261268840459299b565dcbc3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "638ffc53-1d7"
Last-Modified: Thu, 08 Dec 2022 05:20:22 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hasha3ee107b7fdef0a7035bda032afd8c77 711e60436b744796ca1248479bd8618b03626297 643c1505fb3c5d0fa275a8880d233b6d21fad52c261268840459299b565dcbc3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1314
Cache-Control: max-age=162152
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:34 GMT
Etag: "63914dd8-1d7"
Expires: Sat, 10 Dec 2022 02:59:06 GMT
Last-Modified: Thu, 08 Dec 2022 02:37:12 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 471
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb | 104.26.3.88 | 200 OK | 89 kB |
URL HTTP/2awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb IP104.26.3.88:0
File typeASCII text, with very long lines (65536), with no line terminators Hash406f443ecaa0ce8ceb79a5b9c5a758eb ff8047661222c3bd09099144612ecb50c633afab 49d2a051dc7918dfc1d5fcc7da7d49784880010f087ccce8ce6464ee854e2152
GET /checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: application/javascript
x-amz-id-2: hM9Bhh8l55YRUkDhaTk8AtrxL+CUgezoThrn2hf20anv4w+wuyS6Xe4BUWgV24BWfb4jezwvBkc=
x-amz-request-id: RFHWWX32B2FCJM77
last-modified: Mon, 05 Dec 2022 11:39:58 GMT
x-amz-version-id: XAOfzSJmKppL0sbWPR5pXk3TA1tBun.Z
etag: W/"0f7bae2d9147e386916bfc7d1c6ed4c6"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDk%2FrOj9MrZK7TtfRtus8UIvzQbW7sIQR%2F%2FUAvWaLP103S5D7ApPgnBUGBj10EW4nyI3mbhaeLb%2FpKrLJConE7Mbc904HG3fxa36q%2FqfKp4t%2BpclBygRGH%2B%2BiTigYds5wdRU9e09j4gt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776342323ff2b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/628c0b2487184/628c0b248718a.png | 52.95.165.6 | 200 OK | 17 kB |
URL HTTP/1.1s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/628c0b2487184/628c0b248718a.png IP52.95.165.6:0
File typePNG image data, 200 x 60, 8-bit/color RGBA, non-interlaced\012- data Hash1eb32f1c1b08b524bfb234ba97aed60a 15514dfa63cda7565387c1516cfca09888ed751d 42d6adb7b5900d855c21e984032d83acace1542115220c253c44b409089cb919
GET /king-assets.yampi.me/dooki/628c0b2487184/628c0b248718a.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zNlkYFQI7NWhKv9iVz1cdKMxRqJB0kez6FrCalfMPSYFVXKNmF51+TJB7HtdV2ygc3h/0YVP5z8=
x-amz-request-id: WQMBP7X4QTF4THR0
Date: Thu, 08 Dec 2022 05:56:35 GMT
Last-Modified: Mon, 23 May 2022 22:31:01 GMT
ETag: "1eb32f1c1b08b524bfb234ba97aed60a"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 16619
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7d047c6733f9c8d5998cae08d314f084 c23a8dce8a76dd01e22650fc1c19af2bae963008 d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2793
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:35 GMT
Last-Modified: Thu, 08 Dec 2022 05:10:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
|
|
| icons.yampi.me/svg/card-amex.svg | 104.26.3.88 | 200 OK | 1.2 kB |
URL HTTP/2icons.yampi.me/svg/card-amex.svg IP104.26.3.88:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (856) Hash037458f3f0fb2dba23b87037a4e4b038 2aaf3c0ffb5d93ff42e9a0b35bd9455c39c5758c 115cb5cc7af173268401462054fd2046d3c561c6707452ec5b75cbedd740c759
GET /svg/card-amex.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-5f3"
expires: Tue, 06 Dec 2022 09:17:01 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: C6A6:2AF8:4D8E67:5010E2:63860087
via: 1.1 varnish
age: 2
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669730538.039287,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: def9948b481cf59adea073f356f0a04e844eafab
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BUozNxsyZe7ir1HBz%2Ba3ae8i7LhTUJ1sQJFwkeAFzQz56u8U7IduCNj%2BlNwRtA2Pz7VUepr1Fcy%2BgEFVqCE2U%2FnMF1SUhH5ftvTWRJ2S2xIL5H96JFQ7x6YgezGJNEy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fc2b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash38ab64c8d5e963bd13caddb191950d94 b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84 d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash44ecaa3c2a4929a40141edc4540aaf84 f29a573182333b2500d41bfc389d6c5232dfb348 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8fFN8nUCv8OJ8HENE5O1/nWgX9WOyCa2af0A8jopTe6LmLTY/Vb0BPZjsn2LVZepS6rAxb0YABg9av1f3osqfA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Thu, 08 Dec 2022 05:56:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.110 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.110:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 04:41:08 GMT
expires: Thu, 08 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 4527
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7d047c6733f9c8d5998cae08d314f084 c23a8dce8a76dd01e22650fc1c19af2bae963008 d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1217
Cache-Control: max-age=164531
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:35 GMT
Etag: "63915785-1d7"
Expires: Sat, 10 Dec 2022 03:38:46 GMT
Last-Modified: Thu, 08 Dec 2022 03:18:29 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
|
| www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js | 142.250.74.3 | 200 OK | 163 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP142.250.74.3:0
File typeASCII text, with very long lines (730) Size163 kB (162976 bytes) Hash79d18cf4265108d7cecca1bf4ada6109 e51d0285a545381d4c39e9e0292a650ffeeecbb9 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 58593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=664275554&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.geniodescontos.com%2Fcart&ul=en-us&de=UTF-8&dt=Carrinho%20-%20Genio%20Descontos&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEDAAAATAAAAAC~&jid=2108090947&gjid=671737251&cid=1489336064.1670478995&tid=UA-45745009-5&_gid=840126969.1670478995&_r=1&_slc=1&z=135369768 | 142.250.74.110 | 200 OK | 4 B |
URL HTTP/2www.google-analytics.com/j/collect?v=1&_v=j98&a=664275554&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.geniodescontos.com%2Fcart&ul=en-us&de=UTF-8&dt=Carrinho%20-%20Genio%20Descontos&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEDAAAATAAAAAC~&jid=2108090947&gjid=671737251&cid=1489336064.1670478995&tid=UA-45745009-5&_gid=840126969.1670478995&_r=1&_slc=1&z=135369768 IP142.250.74.110:0
File typeASCII text, with no line terminators Hash9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=664275554&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.geniodescontos.com%2Fcart&ul=en-us&de=UTF-8&dt=Carrinho%20-%20Genio%20Descontos&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEDAAAATAAAAAC~&jid=2108090947&gjid=671737251&cid=1489336064.1670478995&tid=UA-45745009-5&_gid=840126969.1670478995&_r=1&_slc=1&z=135369768 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://seguro.geniodescontos.com
date: Thu, 08 Dec 2022 05:56:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-diners.svg | 104.26.3.88 | 200 OK | 1.5 kB |
URL: HTTP/2 icons.yampi.me/svg/card-diners.svg
IP: 104.26.3.88:0
File type: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1368)
Hash: d0971b83d95fca45329fb8140e300e30 1da27271ad8047b22e58038566bd17b85ebb9e30 a7a28d250bd4ff9c30c51bfa61a796465c0bf7379fcfcda9b39ec9aad22cf8e3
GET /svg/card-diners.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-99b"
expires: Wed, 07 Dec 2022 08:07:35 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 954C:7A85:27A62D:38B276:638600D9
via: 1.1 varnish
age: 2
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669736548.174335,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: 6e20954df562034587119bfdcf51dbb1d4a09617
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHY6wCsWIN%2FuAr96gJMggq1H4D%2FBfO%2Fn7%2Fp9mT%2FneKQhUiSKxWbmGgHVxXDfwjUOeDhlTiMmhcG6RnEdRw71KQHu5bmUxlOzSim68ZPUK7WdUgKNfhMTe1vR7JZGkW57"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fc0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.mercadopago.com/v2/security.js | 143.204.55.36 | 200 OK | 2.1 kB |
URL: HTTP/2 www.mercadopago.com/v2/security.js
IP: 143.204.55.36:0
Hash: c5b6f48ab37c43d0dc399d6af2c5f31c 7b8934a5c6c206b1a29db4df2fae7d6f211be507 a3a2c6182b1b2732b1a103ed0471d2a296699329dfc69d01f2eee996e7db635d
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 08 Dec 2022 05:56:34 GMT
set-cookie: _d2id=82384017-2ee4-4700-94da-7a57cc58328e-n; Path=/; Domain=.mercadopago.com; Expires=Fri, 08 Dec 2023 05:56:34 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: 82384017-2ee4-4700-94da-7a57cc58328e
x-request-device-id: 82384017-2ee4-4700-94da-7a57cc58328e
x-d2id: 82384017-2ee4-4700-94da-7a57cc58328e
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KPucxhELyk0wx0ZqOSM4ScvidRzG7ah9VxLAf3z6_foiF6rcZUP8sQ==
X-Firefox-Spdy: h2
|
|
| s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/6241c3873ebcb/6241c3873ebd1.png | 52.95.165.6 | 200 OK | 17 kB |
URL: HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/6241c3873ebcb/6241c3873ebd1.png
IP: 52.95.165.6:0
File type: PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash: d96baf4dc5e691fdf692bc4adcec306c faf590ff05158dd093890bed2a6128d1cdf26c91 add4d5437b922339bc2e8802f8aaa292faa9d89a5dcf9a485156b6adba1c50b1
GET /king-assets.yampi.me/dooki/6241c3873ebcb/6241c3873ebd1.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: b8YdxuCGNdEf9w5/eZftZm3SiTSXAfdiM4nGY2zsCN/kr1MMECNDSo//X10UE6cyVxb5A0RKTSs=
x-amz-request-id: V6P9XXN07F86YV80
Date: Thu, 08 Dec 2022 05:56:36 GMT
Last-Modified: Mon, 28 Mar 2022 14:17:44 GMT
ETag: "d96baf4dc5e691fdf692bc4adcec306c"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 17371
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 | 104.26.3.88 | 200 OK | 28 kB |
URL: HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25
IP: 104.26.3.88:0
File type: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash: 22c3390d0bd9fa780cc12a297711b40f 2c94dadbfefd6ecf963ee68a2af6754ff1fcce9c f2cd716e2c7fc29bd797ae554a5e4bd96cb8db9300995e1f0342893b1a200aa8
GET /checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: text/css
x-amz-id-2: YA1eDbyiFw9F7lvoHKFMrUFI+rzs4fWeaPTK8HBrcIojzp1Ze0GAqZwjGyO3EOKzm5Y2nWL5dqs=
x-amz-request-id: P208087TQ0JZ3MS4
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: 5lxShk4xe0C8IXXkoQQWK8S_0jFPf.GV
etag: W/"78c7a473b51f1cc2067d1b8860950b25"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AriZIp9SFD%2BXpN%2BfA9nnVyMcdhYO%2B2hOdkhhfUsdaKNCaBRFplQWcsQ140ONeUGMj2HTTa41sj0A2NftF5GbT4Sedcdykjhos3DxIJzqKONCyGP6x%2BvrlFu2xIoy1LSgzYjZs5RUDyJp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776342320fb1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/device_sessions/web_device | 54.88.227.128 | 200 OK | 12 kB |
URL: HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP: 54.88.227.128:0
Hash: ad2b26fa2e09a98a2db008680ca60d16 461844dfbb0b326011e7519dc42927929958fc9c 8ee01fedf114134cffe974dc0101ec834e0a8dfd21a7b7ef78b1aef972b9b252
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:35 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.geniodescontos.com
x-request-id: d5765727-c653-4df6-9bb5-d62422bca510
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-15,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 1aba7314564061c3
x-b3-traceid: 1aba7314564061c3
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-15: DWHhODbts7EzhrmQHeK6iUvsSgSGl7gyDsFsmcqI3GwFtp1bbzS7Z92AnelW/h3N
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1670478995106;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 6d7737802f93eeb14503d61c77c137bc fa6861c298d00f879b9f16af4f05470cecfc80af 6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: b8d79685682ab0684ebcd9873dc9f1ad de00fe0fd4b99a98433a0161801244047115d456 42212f48d6d7f7e7fb0a771330dca03001c513a90364a2e5a0b69813ad0bbecf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 142.250.74.77 | 302 Found | 393 B |
URL: HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP: 142.250.74.77:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash: 72ed752156bdda0368110a819b436c8d 37499da019d0bb95088d222566e1c56db1446568 45b6922ebe14a27264b61d905b254a8b424a326dd9bc2f6bc1fd819fbeb9567a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 05:56:35 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1107265780%3A1670478995625286&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4hzVveRnZBbqEE8iN4eKJ9JxTBqyx3_w2ZO8Ww8hCo3W5hUX1KwzQr4wUUeZGyoEcui023cA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-QUf0CgawkDutqLad9GW80g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:PVHK1lFCUVD7fBcCCyk2XOPrMggk8A:essgRerSOh1We107;Path=/;Expires=Sat, 07-Dec-2024 05:56:35 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: a938af990a97b9856e1174d11c72cbf7 b57716fd0ea9a1e9e0a0595ff593f939560c0abf 6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:56:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.mercadolibre.com/jms/lgz/background/etid | 18.67.39.95 | 200 OK | 0 B |
URL: HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP: 18.67.39.95:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Thu, 08 Dec 2022 05:56:35 GMT
server: Tengine
set-cookie: _d2id=6a11f35d-de84-467e-8e3b-f174d8d52bf4-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:35 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: a2306890-3ed1-4e2e-8117-149ae2ed939a-1670478995811
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 6a11f35d-de84-467e-8e3b-f174d8d52bf4
x-request-device-id: 6a11f35d-de84-467e-8e3b-f174d8d52bf4
x-d2id: 6a11f35d-de84-467e-8e3b-f174d8d52bf4
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 67dd4d73b80aece69a8e725c6d612b6e.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: 8SHhsOXq3uQyygLyTcUJlOUJvS5uD8elv-zXn0-P8iVal6OIwrZsrg==
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/552.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 5.9 kB |
URL: HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (21423)
Hash: 097ef34c5f5d635a147bca3721bd605b 3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2 3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:35 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1747
x-timer: S1670478996.914239,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/290.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 3.4 kB |
URL: HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (8544)
Hash: b9baa2cb6a3b1a3d0fda03cd7db51631 42d37467e05182e3cab2fcb54577dc462adcf50b 31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1083
x-timer: S1670478996.192488,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/768.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 2.2 kB |
URL: HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (5523)
Hash: 98a96a3306b7723c0b8c4bff074cdd9f e9070da7daa34fa2d8ac2e4ec00e3c499ea37516 a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 2028
x-timer: S1670478996.193073,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/368.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 1.4 kB |
URL: HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (3382)
Hash: fa50a55750d1d0978fca32be5dbc3988 a7f447621d48b3ecf7fc0192b515d506d3d1ad18 c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1715
x-timer: S1670478996.193081,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/775.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 632 B |
URL: HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (1169)
Hash: 661520fd0dfebb919d68a69b60ca426f b85ef80a0e0d95bf4904f9ce4fad56c49ae035be ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1670478996.193041,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/39.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 2.8 kB |
URL: HTTP/2 js-agent.newrelic.com/39.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (7169)
Hash: a0a406e7bdf3e14f047e46bcea27640c c1fbc88d260f16a092c1b7b0e58e4291401478e8 2309d4e82574d5402ec3454a76051987336fe3b4e4d546f6565a3a443c6d4049
GET /39.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: KxfPNXIQ38SSfzz490TMAo2ltA9W5l6OlU9HI6h8SfmvQBHsTP/3JrzkCdnsVJAOdxSfq1TwUMk=
x-amz-request-id: ESHWVX2RDYQJKTJS
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 815
x-timer: S1670478996.193925,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2755
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/0.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 2.3 kB |
URL: HTTP/2 js-agent.newrelic.com/0.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (5198)
Hash: 852267b16c136b977ccd94900c6c6308 e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16 9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: f1JzRiK4HoHej55UIxY8kufnlKMhSjW2G+Vtj2sq4OUFu6SREeWg9kZpjawiQxSTZPEfmKoLolg=
x-amz-request-id: XM6JN6V8R5PG7B8J
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 808
x-timer: S1670478996.193902,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/571.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 1.1 kB |
URL: HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (2412)
Hash: d392a55faa7a0a2a43781a495891c9aa 1998ba6f85354606c186fa1a29285676f0b596f0 33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Cn07g451pzP+BuOyXbJ5c0o8ExPUm1rBYP/GYVQDFxcy7KzhZDW/Ep1gB0iV/QBa/UCWbkhew68=
x-amz-request-id: XM6J6T5Z32K8FRFH
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 837
x-timer: S1670478996.193873,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/820.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 3.0 kB |
URL: HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (7460)
Hash: 7d1295a839190615b34d5a62acceee4f eef26f5c6d2ae14cb81b3a9b669da224faceacd0 4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mfz69jbwDdVjAOvigezanDeGlG58lNEgRQZJ5bHuLqr3T+YzVd1KlatkpX7gSSdNs3YsWLt1rsw=
x-amz-request-id: 7DG6EGGM14MJB93M
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 33
x-timer: S1670478996.193797,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/790.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 6.1 kB |
URL: HTTP/2 js-agent.newrelic.com/790.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (17591)
Hash: b3193d37837e2f200e10db13deff83a9 d8577b8a972583e81cfd8e31436dcd039aa049b2 5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rOIosPuuEwyY2i5sNYqTXHwZXDs2re4AJB6+I1QFfF9D8vToAF8QBmtRttIasr2/YRes+1f0bv4=
x-amz-request-id: 9HYGKVEA32SEPK1W
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:56:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 49
x-timer: S1670478996.194316,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
|
|
| bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=4680&ck=0&s=8496dde178fedcbb&ref=https://seguro.geniodescontos.com/cart&ap=30&be=2546&fe=1696&dc=616&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670478990981,%22n%22:0,%22f%22:1549,%22dn%22:1549,%22dne%22:1549,%22c%22:1549,%22s%22:1549,%22ce%22:1549,%22rq%22:1551,%22rp%22:2513,%22rpe%22:2514,%22dl%22:2520,%22di%22:3134,%22ds%22:3161,%22de%22:3180,%22dc%22:4241,%22l%22:4241,%22le%22:4409%7D,%22navigation%22:%7B%7D%7D&fcp=3130&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 77 B |
URL: HTTP/1.1 bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=4680&ck=0&s=8496dde178fedcbb&ref=https://seguro.geniodescontos.com/cart&ap=30&be=2546&fe=1696&dc=616&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670478990981,%22n%22:0,%22f%22:1549,%22dn%22:1549,%22dne%22:1549,%22c%22:1549,%22s%22:1549,%22ce%22:1549,%22rq%22:1551,%22rp%22:2513,%22rpe%22:2514,%22dl%22:2520,%22di%22:3134,%22ds%22:3161,%22de%22:3180,%22dc%22:4241,%22l%22:4241,%22le%22:4409%7D,%22navigation%22:%7B%7D%7D&fcp=3130&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
IP: 162.247.241.14:0
File type: ASCII text, with no line terminators
Hash: f1442f5831dbbe0210da2d7a4180d6b8 2ade23c6c7a001c66f0c0a9a101ec152747b434e c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=4680&ck=0&s=8496dde178fedcbb&ref=https://seguro.geniodescontos.com/cart&ap=30&be=2546&fe=1696&dc=616&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670478990981,%22n%22:0,%22f%22:1549,%22dn%22:1549,%22dne%22:1549,%22c%22:1549,%22s%22:1549,%22ce%22:1549,%22rq%22:1551,%22rp%22:2513,%22rpe%22:2514,%22dl%22:2520,%22di%22:3134,%22ds%22:3161,%22de%22:3180,%22dc%22:4241,%22l%22:4241,%22le%22:4409%7D,%22navigation%22:%7B%7D%7D&fcp=3130&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:56:36 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7763423fcbf01c06-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5467&ck=0&s=8496dde178fedcbb&ref=https://seguro.geniodescontos.com/cart | 162.247.241.14 | 200 OK | 24 B |
URL HTTP/1.1bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5467&ck=0&s=8496dde178fedcbb&ref=https://seguro.geniodescontos.com/cart IP162.247.241.14:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashbc32ed98d624acb4008f986349a20d26 2d3df8c11d2168ce2c27e0937421d11d85016361 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5467&ck=0&s=8496dde178fedcbb&ref=https://seguro.geniodescontos.com/cart HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 666
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:56:37 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 776342434d9a1c06-OSL
Access-Control-Allow-Origin: https://seguro.geniodescontos.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
|
|
| api.mercadopago.com/v1/device_sessions/anonymous_device_session | 54.88.227.128 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/device_sessions/anonymous_device_session IP54.88.227.128:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.geniodescontos.com/
Origin: https://seguro.geniodescontos.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:38 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.geniodescontos.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: f98e60f0-4abf-4ccc-87ff-4b56263383ae
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-15,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: f5646e394db24a72
x-b3-traceid: f5646e394db24a72
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-15: 5I5fOZufxd2PuXi/MaeGb9MxcNV51IHOgrGUSMqdFTsY4F3CR09txt9YDGIBAJgq
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiIyMjI4ZWU2Ni1kM2U4LTQxNzUtOGM4NC00NmEzZmRkODQxZmUtMTY3MDQ3ODk5NjM0NSIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZGFmMDJmMzItMDY4Ny00YTNjLWFhZDctYjI0ZmFjMGE1Mzk1LTE2NzA0Nzg5OTYzNDUifQ%3D%3D%22%7D&callback=dp_jsonp.process | 18.67.39.95 | 200 OK | 384 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiIyMjI4ZWU2Ni1kM2U4LTQxNzUtOGM4NC00NmEzZmRkODQxZmUtMTY3MDQ3ODk5NjM0NSIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZGFmMDJmMzItMDY4Ny00YTNjLWFhZDctYjI0ZmFjMGE1Mzk1LTE2NzA0Nzg5OTYzNDUifQ%3D%3D%22%7D&callback=dp_jsonp.process IP18.67.39.95:0
Hashc652f7c15a685e66528b33d155a6525f db467f170ec2e31533b09fdc4d537ad11c9bd97c 32a7021cc13269b7b9cbeb87c6149553e00996d174dd399d57baf891f61a616d
GET /jms/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiIyMjI4ZWU2Ni1kM2U4LTQxNzUtOGM4NC00NmEzZmRkODQxZmUtMTY3MDQ3ODk5NjM0NSIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZGFmMDJmMzItMDY4Ny00YTNjLWFhZDctYjI0ZmFjMGE1Mzk1LTE2NzA0Nzg5OTYzNDUifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90
Connection: keep-alive
Cookie: dsid=2d059930-20eb-49f5-954f-851da65e486a-1670478996345; edsid=b0360119-a781-4cbc-9768-70e7448d0e09-1670478996345
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Thu, 08 Dec 2022 05:56:36 GMT
server: Tengine
set-cookie: _d2id=4b710fce-cf75-41b8-bfdc-63cd54c5234a-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:36 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 4b710fce-cf75-41b8-bfdc-63cd54c5234a
x-request-device-id: 4b710fce-cf75-41b8-bfdc-63cd54c5234a
x-d2id: 4b710fce-cf75-41b8-bfdc-63cd54c5234a
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 50d743941b822ae5fa30db69233863a6.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: z45Er8AS-qqD8-vID62qOlaTuMyIrMGOR_jSlVTSAjwvuLVeJMJkPQ==
X-Firefox-Spdy: h2
|
|
| seguro.geniodescontos.com/cart | 170.82.174.30 | 200 OK | 0 B |
URL HTTP/2seguro.geniodescontos.com/cart IP170.82.174.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /cart HTTP/1.1
Host: seguro.geniodescontos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InVtb3RFV2hpZDJNNjlFOVVQWnY5bXc9PSIsInZhbHVlIjoiOXQ2NkZFMVVGOEZPR2JUdWF3aUlPT0t5bDh0alJ1WXJJTWtvWnd4dkNxYkI3aU5qaURISnBhYUQ0b3BPdmlkVXhJVnZBNzFIVW9sOVVCekFXQjh2dnc9PSIsIm1hYyI6ImVlYzI5YTZjYmVmYzgzZDQxZmUyYTgxNTI5YThhYjc2ZDM4Zjg1OGFlYTZmZmVlMDJkODliYTRhMWJiMzU2MGEifQ%3D%3D; bubbstore_checkout=eyJpdiI6IlJTdzdiZTNGRm1SMTFUMUlBZjdIYlE9PSIsInZhbHVlIjoiNGc0SWdWays2Sngxb25YTU14bDY3QTZzemdrSEc3VTRZekczN0hjc3pIbnFUQ0E2RjlzWjJrd2hGMEI4RHBrbmdYTWV3dkFFU0pVd3hsTnc0NmtUOXc9PSIsIm1hYyI6Ijg5ZjQzM2FhZDQ5ODBjZTUwZDFlMjI0MzViZDFlNDM0Y2U1NGNhMzQwYTM2NTU4ZDk4YzA4NWFhYThjOGQ2MzUifQ%3D%3D; geniodescontos_cart=eyJpdiI6InpZOWZSNlwvR2tBUldOMzFtMFBaNEVRPT0iLCJ2YWx1ZSI6InNqOVNaYlAweFArXC8zN1lqb1pYUDhmSTZoVDE0bk9QUHA1MFVha3VJb3hJN3E1NlM1YjdBOXFPNWphV2d6OUh4U2dMa3ErQ1Ixdko5cjJ1TG5YRUVrUT09IiwibWFjIjoiODA1NDBkMDk0YmQwN2NhOWI5MDhiY2I4ZGM5NTJjZmY5Mzk4ZTcyZDdlYTgxMzk2MzgzMzNlYTAxOTAwOGUyOSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:33 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImEzalVJSk83eklsXC9nZEJVcW1ZM3pBPT0iLCJ2YWx1ZSI6Im05ZVNyWmFwMXRxT09hcDVlZ0tia0NhS0lLMUZnVVwvSjZFQUJxU3BLMXZJaFwvVVhhVEU4VkswaUxxd3NrQWtJc3Q0TlZXZWhqbVdHZGR2RGxyOTl4Snc9PSIsIm1hYyI6Ijg0OTU3NzY3Njg2OTZjNWNhNjJmNTQzZmNhNTliMGZjZWUyNjBkZWUzNTAyZDdmMDVhMmQxZTZhOTI5Zjc0ODcifQ%3D%3D; expires=Thu, 08-Dec-2022 08:56:33 GMT; Max-Age=10800; path=/
set-cookie: bubbstore_checkout=eyJpdiI6Im52NFpZOU1vN0ZUM3R4R2RPd3ZNdFE9PSIsInZhbHVlIjoiVkFNRlBFbGx5N3pTUU1SUmZZTUQxbHJIRWZ3eHBhRlhQT0F2VXp3VTFWTFYxMnJDb3dsazRMSjZzMzI3eTNoQ3dcL1lnYzdRVUh2alhaRUlBTUpWQkV3PT0iLCJtYWMiOiIwYzkxZGY4ZjI2OThhZDdiYWMzZDgwYjJmZmRmMDRlMDdmYWVmNDdiZjQzNGFlZmE2YjJmNGVmY2FkYjEwYWEzIn0%3D; expires=Thu, 08-Dec-2022 08:56:33 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90?background=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D | 18.67.39.95 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90?background=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D IP18.67.39.95:0
GET /jms/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90?background=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 08 Dec 2022 05:56:36 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=0b173d26-452e-4ce4-89f7-e951792fe5fd-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:36 GMT
set-cookie: dsid=2d059930-20eb-49f5-954f-851da65e486a-1670478996345;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
set-cookie: edsid=b0360119-a781-4cbc-9768-70e7448d0e09-1670478996345;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 11
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 0b173d26-452e-4ce4-89f7-e951792fe5fd
x-request-device-id: 0b173d26-452e-4ce4-89f7-e951792fe5fd
x-d2id: 0b173d26-452e-4ce4-89f7-e951792fe5fd
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 50d743941b822ae5fa30db69233863a6.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: fJRoXPYdMHDIuJsif_qjOhguhBfz0uTCBFgmw5-aLrpxy-TLy3wYXg==
X-Firefox-Spdy: h2
|
|
| cdn.yampi.io/ana/ana.min.js?t=1670544000000 | 104.18.15.227 | 200 OK | 0 B |
URL HTTP/2cdn.yampi.io/ana/ana.min.js?t=1670544000000 IP104.18.15.227:0
GET /ana/ana.min.js?t=1670544000000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: application/javascript
x-amz-id-2: NZHiLZW4twuru4tKGhmbL7JzAi95213yXe9rCr8VQG4FFlPjBye9z3yZDgj6DTdNXARYFilVoC8=
x-amz-request-id: 5PEBWPXMEJAWBRCH
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 0
expires: Fri, 08 Dec 2023 05:56:34 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77634234f8f8b51e-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.mercadolivre.com/jms/mlb/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90?background=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90&message=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%3D | 143.204.55.53 | 200 OK | 0 B |
URL HTTP/2www.mercadolivre.com/jms/mlb/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90?background=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6bnVsbCwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW5
1eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMyLCJ3ZWJnbCI6MSwidXNlcmZvbnRzIjo2NywiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo0MSwiaGFzaCI6MTYyLCJ0b3RhbCI6MTYyfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D IP143.204.55.53:0
GET /jms/mlb/lgz/background/session/armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90?background=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90&message=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%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 08 Dec 2022 05:56:36 GMT
server: Tengine
set-cookie: _d2id=6090c66d-8f50-4851-adc3-b5a0ec7a8368-n; Path=/; Domain=.mercadolivre.com; Expires=Fri, 08 Dec 2023 05:56:36 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 6090c66d-8f50-4851-adc3-b5a0ec7a8368
x-request-device-id: 6090c66d-8f50-4851-adc3-b5a0ec7a8368
x-d2id: 6090c66d-8f50-4851-adc3-b5a0ec7a8368
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HA5GL2ZneJ4gPKO6VF_8WwxwHuO13t7MSGwxGWJJkKIFc4Ae6syn4Q==
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background?dps=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90 | 18.67.39.95 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background?dps=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90 IP18.67.39.95:0
GET /jms/lgz/background?dps=armor.e26c3e5b9d11ba95f5dc2a8300602e2986d4ae180f2e42261251b9731f7a4ac819decba02e2392f164ac7fe9a628166fad5d8b332148562cc79463a6b9934ac1bf9e8ff03c81a2a42fe86d8bbfb88bfdd5b6d53564971fbdec0e1a50501524b5.ac56dba225e4c76c35bf18bd7a0dff90 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Thu, 08 Dec 2022 05:56:36 GMT
server: Tengine
set-cookie: _d2id=53fa949f-d82d-4aa5-bee4-c4c0a06b6b1a-n; Path=/; Domain=.mercadolibre.com; Expires=Fri, 08 Dec 2023 05:56:36 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 53fa949f-d82d-4aa5-bee4-c4c0a06b6b1a
x-request-device-id: 53fa949f-d82d-4aa5-bee4-c4c0a06b6b1a
x-d2id: 53fa949f-d82d-4aa5-bee4-c4c0a06b6b1a
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 50d743941b822ae5fa30db69233863a6.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P2
x-amz-cf-id: 49XwTNzGmcm58OBrhpFFcefvglpoXOWprjWuChyebvENAlYi3siPwQ==
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-hiper.svg | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2icons.yampi.me/svg/card-hiper.svg IP104.26.3.88:0
GET /svg/card-hiper.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-2392"
expires: Wed, 07 Dec 2022 17:15:15 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 44F2:5536:2B4358:3C5176:638600D9
via: 1.1 varnish
age: 2
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669728865.609662,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: c7aafe585b6e777ce02bc8ad861e6a412daaca31
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tt98Og1lRv5%2Bcm5%2Ftm4oh7vKy3hGJrPMFZj2sQRw%2BGihneT8G0BRNQbVIMSRN5QueFw9zHrn%2F9%2F712APaAlTLMmekvLlaF7dUKarQ6zWG%2BYMZZB2hkDVwkHpK%2BJJ4yNg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fbeb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-discover.svg | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2icons.yampi.me/svg/card-discover.svg IP104.26.3.88:0
GET /svg/card-discover.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-f89"
expires: Tue, 06 Dec 2022 18:22:34 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: FD6C:36F9:29D68F:3AE4CF:638600D9
via: 1.1 varnish
age: 2
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669730538.049995,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 44859ed3b671ead5305a99a84d4f10e6aaaa8abb
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24ba2gkzWnb%2FKrY4pCKA%2BrxAIyqvnzDPFeuyumExz%2FPD5YlQS7ChA4xXXsrsdmMjn2dxxDCZglWDXKmd5vB6ix%2B3Ub2OM5xwRXFv4od4I7fDTPtRtS448uki3e3HA3yp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fcbb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yampi.me/jquery/jquery.js | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2cdn.yampi.me/jquery/jquery.js IP104.26.3.88:0
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: application/javascript
x-amz-id-2: hFHoXHOYgx6I1rT5LmUWFH8I4gzAwp4gh1eg7iqG7hMsH8APKmWODRPyKM4BsNL9sR+LVpsu3MI=
x-amz-request-id: PPGVE8BRHCVNBDAX
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXwwD40yt611kijCl0xxp4VD%2FITzHyNCm3kTSetVDOKvF3%2FYOYITujrnrnB03o3OGHLQQzebPv1E7a%2Bjx7C4%2FzVbYHW7lE3NtQb9%2Bj2iDCCAMVSCK9o2smZktEozLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776342327816b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.dooki.com.br/fa/4.7.0/fa.css | 104.18.1.53 | 200 OK | 0 B |
URL HTTP/2fonts.dooki.com.br/fa/4.7.0/fa.css IP104.18.1.53:0
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 2
expires: Fri, 16 Dec 2022 05:56:34 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 77634231fdec1bfa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-hipercard.svg | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2icons.yampi.me/svg/card-hipercard.svg IP104.26.3.88:0
GET /svg/card-hipercard.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-54bc"
expires: Wed, 07 Dec 2022 15:41:46 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 0813:12E8:2880CC:398CF3:638600D9
via: 1.1 varnish
age: 2
x-served-by: cache-bma1682-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669728865.605233,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: a3e5b3ae99ce291b6037a6bd774bb0bed72ae5f6
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxGOJ36AjglnWrK%2B3edX7N8IQ30B49l4LWfCXsF4SB4rHeN87bscnWsT%2FTMXQyGmcINLbwQAaec%2FXhKtrazf3e6KpBNLW3oKXkyFZJry9O20P%2Fm6jlaHtSL7CXhUS8sS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fc1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-visa.svg | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2icons.yampi.me/svg/card-visa.svg IP104.26.3.88:0
GET /svg/card-visa.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-1288"
expires: Thu, 08 Dec 2022 02:03:25 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: F28A:7C67:2CB1DE:3DC102:638600D9
via: 1.1 varnish
age: 2
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669728865.256778,VS0,VE5
vary: Accept-Encoding
x-fastly-request-id: 43c5906117beb3c5fd37cf057680716d20298606
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQaceUMYwnrgdDvZwpnF5gaZJX5Myjf4oBXINJZHf3NP8OhcPuKTJmd4ggJU1M%2Fszqv6huXBS9XtUhNu%2BFiIMnBYNizDZLKnfwXfVdgIzM8MalBJmhWfIfE7fwedARNo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fbfb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-aura.svg | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2 icons.yampi.me/svg/card-aura.svg IP 104.26.3.88:0
GET /svg/card-aura.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-111a"
expires: Wed, 07 Dec 2022 13:11:56 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 7B54:1978:2895E9:39A35C:638600D9
via: 1.1 varnish
age: 2
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669736548.270685,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: e775fad83003a93227de713f9fa108ccaf66e2ae
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPZYDOIy%2BNz62uHPSPq%2F1r9TisNgdN0GxtONOXdPr6dw6eXfOn0XZGtrWXsmf1wdjQr03urbCDhXj0g15aZmcBVqhYxvTmxyttqLbMIex3wjeoZ%2BEJa9hoWbbpTebhiq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fc9b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap IP 142.250.74.74:0
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 05:56:34 GMT
date: Thu, 08 Dec 2022 05:56:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| icons.yampi.me/svg/card-mastercard.svg | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2 icons.yampi.me/svg/card-mastercard.svg IP 104.26.3.88:0
GET /svg/card-mastercard.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.geniodescontos.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:56:34 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:47:05 GMT
access-control-allow-origin: *
etag: W/"6385ff49-5b3"
expires: Thu, 08 Dec 2022 04:23:00 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 29F0:787E:186AB6E:192450A:63891D29
via: 1.1 varnish
age: 2
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669930626.794607,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: ca6076340eac584c57d7f684f0a4505104fdb18d
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAHbRQ6Ya1FieuTwcD666rU%2B%2BQ38Z481X335Ha%2Ft7jvY35GLCN8CPpBNcnqxHcJppsJQSvRvEPE8wuZDBYBwbncLY7Lenn0OGc3kdC%2Fc4jYspJyuUFV19VICOTwu8lrj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776342321fbcb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|