Overview

URL seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078
IP170.82.174.30
ASN3L CLOUD INTERNET SERVICES LTDA - EPP
Location Brazil
Report completed2022-09-27 07:33:27 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 seguro.poweroferta.com/e/t Phishing
2022-09-27 2 seguro.poweroferta.com/e/t Phishing
2022-09-27 2 seguro.poweroferta.com/cart/recomm Phishing
2022-09-27 2 seguro.poweroferta.com/checkout/address Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (36)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS s3.sa-east-1.amazonaws.com (2) 60686 2017-11-14 13:15:14 UTC 2022-09-27 06:03:54 UTC 52.95.165.30
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 01:05:45 UTC 142.250.74.10
mnemonic passive DNS ocsp.pki.goog (15) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS www.facebook.com (6) 99 2017-01-30 05:00:00 UTC 2022-09-27 04:38:43 UTC 157.240.200.35
mnemonic passive DNS fonts.dooki.com.br (1) 829308 2018-11-23 22:20:24 UTC 2022-09-27 05:10:33 UTC 104.18.1.53
mnemonic passive DNS analytics.tiktok.com (5) 1182 2020-02-29 13:09:05 UTC 2022-09-27 04:57:59 UTC 23.36.79.17
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 04:13:22 UTC 34.160.144.191
mnemonic passive DNS seguro.poweroferta.com (6) 0 2020-11-11 02:15:46 UTC 2022-09-27 06:13:24 UTC 170.82.173.30 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (13) 86 2012-05-21 07:02:23 UTC 2022-09-27 04:15:00 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-27 04:53:17 UTC 34.120.237.76
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.164
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS www.mercadolivre.com (1) 123600 2012-06-25 14:23:07 UTC 2022-09-26 23:17:38 UTC 143.204.55.53
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 52.41.98.34
mnemonic passive DNS js.upnid.com (1) 0 2020-06-23 15:36:07 UTC 2022-09-27 05:10:33 UTC 130.211.14.112 Unknown ranking
mnemonic passive DNS cdn.yampi.io (1) 402975 2021-08-15 19:04:52 UTC 2022-09-27 00:59:02 UTC 104.18.14.227
mnemonic passive DNS www.mercadolibre.com (8) 33991 2012-05-30 13:13:26 UTC 2022-09-26 23:17:38 UTC 143.204.55.42
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-26 04:31:04 UTC 162.247.241.14
mnemonic passive DNS cdn.shopify.com (1) 2327 2012-06-22 18:37:14 UTC 2022-09-27 05:08:09 UTC 104.16.255.71
mnemonic passive DNS secure.mlstatic.com (1) 140771 2014-10-06 09:35:28 UTC 2022-09-26 23:17:37 UTC 23.36.79.33
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:39:28 UTC 142.250.74.72
mnemonic passive DNS api.mercadopago.com (6) 47277 2015-07-21 20:29:10 UTC 2022-09-26 23:17:37 UTC 52.2.144.69
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-27 04:52:24 UTC 157.240.200.14
mnemonic passive DNS accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-09-26 05:15:39 UTC 216.58.207.237
mnemonic passive DNS www.mercadopago.com (1) 88200 2012-08-02 08:48:15 UTC 2022-09-27 03:58:34 UTC 143.204.55.36
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:12:16 UTC 23.36.77.32
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-27 05:08:12 UTC 142.250.74.3
mnemonic passive DNS awesome-assets.yampi.me (2) 708511 2019-08-08 18:25:49 UTC 2022-09-27 00:59:01 UTC 104.26.3.88
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 05:44:40 UTC 143.204.55.36
mnemonic passive DNS images.yampi.me (3) 955081 2019-07-25 14:01:06 UTC 2022-09-26 19:51:23 UTC 104.26.3.88
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 05:04:23 UTC 142.250.74.174
mnemonic passive DNS stats.g.doubleclick.net (2) 96 2013-06-02 22:47:44 UTC 2022-09-27 04:52:22 UTC 64.233.162.154
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-26 05:21:53 UTC 151.101.86.137
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS www.gstatic.com (3) 0 2016-07-26 09:37:06 UTC 2022-09-26 20:43:42 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 170.82.174.30

Date UQ / IDS / BL URL IP
2022-11-24 05:00:46 +0000
0 - 0 - 4 seguro.xiaomidobrasill.com/cart?cart_token=sh (...) 170.82.174.30
2022-11-15 23:23:57 +0000
0 - 0 - 6 seguro.lojasacolazul.com.br/checkout/payment? (...) 170.82.174.30
2022-11-15 05:56:30 +0000
0 - 0 - 5 seguro.rosaselvagemacido.com/checkout/payment (...) 170.82.174.30
2022-11-15 04:57:35 +0000
0 - 0 - 3 seguro.efacilshop.com/checkout/payment?cart_t (...) 170.82.174.30
2022-11-15 04:47:25 +0000
0 - 0 - 3 seguro.cometabox.com/checkout/payment?cart_to (...) 170.82.174.30

Last 5 reports on ASN: 3L CLOUD INTERNET SERVICES LTDA - EPP

Date UQ / IDS / BL URL IP
2022-11-24 05:00:46 +0000
0 - 0 - 4 seguro.xiaomidobrasill.com/cart?cart_token=sh (...) 170.82.174.30
2022-11-24 05:00:44 +0000
0 - 0 - 4 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.173.30
2022-11-24 04:40:41 +0000
0 - 0 - 2 seguro.caixamisteriosa.net/cart?cart_token=f7 (...) 170.82.173.30
2022-11-21 11:08:00 +0000
0 - 0 - 3 brparacasa.com/ 170.82.174.10
2022-11-15 23:23:57 +0000
0 - 0 - 6 seguro.lojasacolazul.com.br/checkout/payment? (...) 170.82.174.30

Last 1 reports on domain: poweroferta.com

Date UQ / IDS / BL URL IP
2022-09-27 07:33:27 +0000
0 - 0 - 4 seguro.poweroferta.com/checkout/payment?cart_ (...) 170.82.174.30

No other reports with similar screenshot



JavaScript

Executed Scripts (49)


Executed Evals (5)

#1 JavaScript::Eval (size: 15552, repeated: 1) - SHA256: b7bb0c5ac33ab436c5fe975360ef1af5f66987c6c8bf5c0569e749197b16ecaa

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var c = function(E) {
            return E
        },
        h = this || self,
        L = function(E, R) {
            if (R = (E = h.trustedTypes, null), !E || !E.createPolicy) return R;
            try {
                R = E.createPolicy("bg", {
                    createHTML: c,
                    createScript: c,
                    createScriptURL: c
                })
            } catch (J) {
                h.console && h.console.error(J.message)
            }
            return R
        };
    (0, eval)(function(E, R) {
        return (R = L()) && 1 === E.eval(R.createScript("1")) ? function(J) {
            return R.createScript(J)
        } : function(J) {
            return "" + J
        }
    }(h)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var R4=function(E,R,c,L,O,J){function h(){if(E.A==E){if(E.o){var S=[C,R,c,void 0,O,J,arguments];if(2==L)var q=a(false,false,(K(S,E),E));else if(1==L){var r=!E.j.length;K(S,E),r&&a(false,false,E)}else q=EI(E,S);return q}O&&J&&O.removeEventListener(J,h,u)}}return h},J_=function(E,R,c,L){function O(){}return{invoke:(L=sI(E,(c=void 0,function(J){O&&(R&&Y(R),c=J,O(),O=void 0)}),!!R)[0],function(J,h,S,q){function r(){c(function(A){Y(function(){J(A)})},S)}if(!h)return h=L(S),J&&J(h),h;c?r():(q=O,O=function(){Y((q(),r))})})}},D=function(E,R,c){if(260==R||63==R)E.o[R]?E.o[R].concat(c):E.o[R]=cO(E,c);else{if(E.l&&174!=R)return;139==R||279==R||115==R||108==R||485==R?E.o[R]||(E.o[R]=h_(134,c,R,E)):E.o[R]=h_(17,c,R,E)}174==R&&(E.S=e(32,E,false),E.X=void 0)},l=function(E,R){R.h=((R.h?R.h+"~":"E:")+E.message+":"+E.stack).slice(0,2048)},Sy=function(E,R,c,L){try{L=E[((R|0)+2)%3],E[R]=(E[R]|0)-(E[((R|0)+1)%3]|0)-(L|0)^(1==R?L<<c:L>>>c)}catch(O){throw O;}},OI=function(E,R){return R(function(c){c(E)}),[function(){return E}]},q0=function(E,R,c){return E.u(function(L){c=L},false,R),c},CU=function(E,R,c,L,O){(L=N((c=W((L=(E&=(O=E&4,3),W(R)),R)),R),L),O&&(L=rm(""+L)),E)&&B(c,X(L.length,2),R),B(c,L,R)},W=function(E,R){if(E.W)return KU(E.Z,E);return(R=e(8,E,true),R&128)&&(R^=128,E=e(2,E,true),R=(R<<2)+(E|0)),R},m=function(E,R,c){c=this;try{a4(this,R,E)}catch(L){l(L,this),R(function(O){O(c.h)})}},A_=function(E,R,c,L,O){for(R=(L=R[O=0,3]|0,R[2]|0);14>O;O++)c=c>>>8|c<<24,L=L>>>8|L<<24,c+=E|0,E=E<<3|E>>>29,c^=R+1890,L+=R|0,L^=O+1890,R=R<<3|R>>>29,E^=c,R^=L;return[E>>>24&255,E>>>16&255,E>>>8&255,E>>>0&255,c>>>24&255,c>>>16&255,c>>>8&255,c>>>0&255]},uN=function(E,R){D(R,260,((R.hh.push(R.o.slice()),R).o[260]=void 0,E))},Z=function(E,R){for(R=[];E--;)R.push(255*Math.random()|0);return R},sI=function(E,R,c,L){return(L=y[E.substring(0,3)+"_"])?L(E.substring(3),R,c):OI(E,R)},cO=function(E,R,c){return(c=g[E.U](E.sl),c[E.U]=function(){return R},c).concat=function(L){R=L},c},iN=function(E,R){((R.push(E[0]<<24|E[1]<<16|E[2]<<8|E[3]),R).push(E[4]<<24|E[5]<<16|E[6]<<8|E[7]),R).push(E[8]<<24|E[9]<<16|E[10]<<8|E[11])},X=function(E,R,c,L){for(c=(L=[],R|0)-1;0<=c;c--)L[(R|0)-1-(c|0)]=E>>8*c&255;return L},nU=function(E,R,c,L){L=(c=W(E),W(E)),B(L,X(N(E,c),R),E)},TT=function(E,R,c,L){for(;R.j.length;){c=(R.G=null,R.j.pop());try{L=EI(R,c)}catch(O){l(O,R)}if(E&&R.G){(E=R.G,E)(function(){a(true,true,R)});break}}return L},wm=function(E,R){return g[E](g.prototype,{parent:R,propertyIsEnumerable:R,prototype:R,console:R,floor:R,document:R,splice:R,replace:R,call:R,pop:R,length:R,stack:R})},h_=function(E,R,c,L,O,J,h,S){return h=g[L.U]((J=(R=[51,27,-23,78,28,-90,(O=Y1,R),37,-90,16],E&7),L).Ah),h[L.U]=function(q){J+=(S=q,6)+7*E,J&=7},h.concat=function(q){return(q=(q=c%16+1,5)*c*c*q- -1972*S-918*c*S+J+34*S*S+(O()|0)*q-q*S+R[J+35&7]*c*q-170*c*c*S,q=R[q],S=void 0,R)[(J+61&7)+(E&2)]=q,R[J+(E&2)]=27,q},h},a=function(E,R,c,L,O,J){if(c.j.length){c.qN=(c.i&&0(),E),c.i=true;try{O=c.K(),c.I=O,c.H=0,c.B=O,L=TT(E,c),J=c.K()-c.I,c.Y+=J,J<(R?0:10)||0>=c.L--||(J=Math.floor(J),c.N.push(254>=J?J:254))}finally{c.i=false}return L}},pU=function(E,R){if(R=(E=null,x).trustedTypes,!R||!R.createPolicy)return E;try{E=R.createPolicy("bg",{createHTML:zT,createScript:zT,createScriptURL:zT})}catch(c){x.console&&x.console.error(c.message)}return E},K=function(E,R){R.j.splice(0,0,E)},a4=function(E,R,c,L,O){for(L=(O=((E.Ah=((E.yp=D8,E).pz=ey,E.XL=E[P],wm)(E.U,{get:function(){return this.concat()}}),E).sl=g[E.U](E.Ah,{value:{value:{}}}),[]),0);128>L;L++)O[L]=String.fromCharCode(L);((K([(V(348,E,(V((V(390,E,((V(461,((V(452,E,(V(249,E,(V(364,(V((V(164,(V(188,((V(234,E,(D(E,139,[160,0,(D(E,115,(D(E,279,(V(69,E,(V((V(61,(V(141,(D(E,(E.eG=(D(E,(V((D((V(437,(D(E,485,(D(E,(V(229,E,(D(E,((D(E,408,(V(200,(V(402,E,(V(236,E,(D(E,(V(214,E,(V(0,((V(23,(D(E,293,(D(E,(D(E,260,(E.Kz=(E.WF=(E.g=((E.h=(E.P=[],void 0),E.X=void 0,E).W=void 0,E.T=(E.v=(E.C=1,E.Y=0,8001),0),(E.B=0,E).L=(E.A=E,E.o=[],E.F=[],(E.H=void 0,E).N=[],(E.qN=false,E.Z=void 0,E.G=null,E).S=void 0,(E.j=[],E.O=void 0,E).l=((E.ZX=0,E).s=0,L=(E.I=0,window.performance||{}),false),E.hh=[],25),0),function(J){this.A=J}),E.i=false,L.timeOrigin||(L.timing||{}).navigationStart||0),0)),63),0),E)),E),function(J,h,S,q,r,A,n){for(q=(h=N(J,(n=(A=W(J),r=vO(J),""),224)),h.length),S=0;r--;)S=((S|0)+(vO(J)|0))%q,n+=O[h[S]];D(J,A,n)}),V)(406,E,function(J){CU(3,J)}),E),function(J,h,S,q){D(J,(S=(h=W(J),W(J)),q=W(J),q),N(J,h)||N(J,S))}),function(){})),21),0),function(J,h,S,q){D(J,(S=N(J,(q=N(J,(h=(q=(S=W(J),W(J)),W(J)),q)),S)),h),S in q|0)})),function(J,h,S){0!=N(J,(h=N(J,(h=W((S=W(J),J)),h)),S))&&D(J,260,h)})),E),function(J){CU(4,J)}),2048)),V)(128,E,function(J,h,S){(h=N(J,(S=(h=W(J),W(J)),h)),h=t_(h),D)(J,S,h)}),207),467),function(J,h,S,q){S=(h=I((q=W(J),J)),W(J)),D(J,S,N(J,q)>>>h)})),416),x),[0,0,0])),E),function(J,h,S,q){D(J,(S=(h=(q=(h=W(J),W(J)),N(J,h)),N(J,q)),q),S+h)}),E),108,[]),317),E,function(J,h,S,q,r,A,n,z,T,v,w,p){function H(t,Q){for(;r<t;)p|=I(J)<<r,r+=8;return Q=(r-=t,p)&(1<<t)-1,p>>=t,Q}for(p=(n=W(J),r=0),T=(H(3)|0)+1,S=H(5),h=[],q=w=0;w<S;w++)z=H(1),h.push(z),q+=z?0:1;for(v=(q=(w=((q|0)-1).toString(2).length,0),[]);q<S;q++)h[q]||(v[q]=H(w));for(w=0;w<S;w++)h[w]&&(v[w]=W(J));for(A=[];T--;)A.push(N(J,W(J)));V(n,J,function(t,Q,d,k,LU){for(Q=(LU=(d=[],[]),0);Q<S;Q++){if(!h[k=v[Q],Q]){for(;k>=d.length;)d.push(W(t));k=d[k]}LU.push(k)}t.Z=cO(t,(t.W=cO(t,A.slice()),LU))})}),446),{}),0),278),0),E),function(J){nU(J,4)}),E),function(J,h,S,q){D(J,(q=(S=N(J,(q=(S=W(J),W(J)),h=W(J),S)),N)(J,q),h),+(S==q))}),409),E,function(J,h){(J=N((h=W(J),J.A),h),J[0]).removeEventListener(J[1],J[2],u)}),function(J,h,S,q,r){for(r=(S=(q=vO((h=W(J),J)),0),[]);S<q;S++)r.push(I(J));D(J,h,r)})),Z(4))),[])),0)]),function(J,h,S,q){(h=(S=W(J),W(J)),q=W(J),J.A==J)&&(q=N(J,q),h=N(J,h),N(J,S)[h]=q,174==S&&(J.X=void 0,2==h&&(J.S=e(32,J,false),J.X=void 0)))})),V)(209,E,function(J,h,S){D(J,(S=(h=W(J),W)(J),S),""+N(J,h))}),E),function(J,h,S,q,r){h=N(J,(r=(S=N((r=(h=(q=W(J),W(J)),W(J)),S=W(J),J),S),q=N(J.A,q),N(J,r)),h)),0!==q&&(S=R4(J,r,S,1,q,h),q.addEventListener(h,S,u),D(J,21,[q,h,S]))}),E),function(J){nU(J,1)}),225),E,function(J,h,S,q,r,A){G(h,J,false,true)||(q=N0(J.A),h=q.R,S=q.oe,A=q.D,r=A.length,q=q.El,h=0==r?new S[h]:1==r?new S[h](A[0]):2==r?new S[h](A[0],A[1]):3==r?new S[h](A[0],A[1],A[2]):4==r?new S[h](A[0],A[1],A[2],A[3]):2(),D(J,q,h))}),E.ae=0,E),function(J,h,S){G(h,J,false,true)||(h=W(J),S=W(J),D(J,S,function(q){return eval(q)}(lN(N(J.A,h)))))}),function(J,h){h=N(J,W(J)),uN(h,J.A)})),function(J,h,S,q,r,A){if(!G(h,J,true,true)){if("object"==t_((A=(h=N((q=W((A=(r=W((h=W(J),J)),W(J)),J)),J),h),r=N(J,r),N(J,A)),J=N(J,q),h))){for(S in q=[],h)q.push(S);h=q}for(A=0<A?A:1,S=0,q=h.length;S<q;S+=A)r(h.slice(S,(S|0)+(A|0)),J)}})),E).kt=0,E),function(J){WO(J,4)}),V)(252,E,function(J,h,S,q,r){S=N(J,(q=N(J,(r=N(J,(q=(r=(S=(h=W(J),W(J)),W(J)),W(J)),r)),q)),S)),D(J,h,R4(J,S,r,q))}),function(J,h,S,q){!G(h,J,false,true)&&(h=N0(J),S=h.R,q=h.oe,J.A==J||S==J.WF&&q==J)&&(D(J,h.El,S.apply(q,h.D)),J.B=J.K())})),447),E,function(J,h,S,q){if(S=J.hh.pop()){for(q=I(J);0<q;q--)h=W(J),S[h]=J.o[h];((S[108]=J.o[108],S)[408]=J.o[408],J).o=S}else D(J,260,J.s)}),function(J,h,S,q){h=(S=N(J,(q=W((h=(S=W(J),W(J)),J)),S)),N(J,h)),D(J,q,S[h])})),QE)],E),K)([M,c],E),K)([BO,R],E),a(true,true,E)},rm=function(E,R,c,L,O){for(O=(E=E.replace(/\\r\\n/g,"\\n"),[]),R=L=0;L<E.length;L++)c=E.charCodeAt(L),128>c?O[R++]=c:(2048>c?O[R++]=c>>6|192:(55296==(c&64512)&&L+1<E.length&&56320==(E.charCodeAt(L+1)&64512)?(c=65536+((c&1023)<<10)+(E.charCodeAt(++L)&1023),O[R++]=c>>18|240,O[R++]=c>>12&63|128):O[R++]=c>>12|224,O[R++]=c>>6&63|128),O[R++]=c&63|128);return O},x=this||self,e=function(E,R,c,L,O,J,h,S,q,r,A,n,z,T){if((S=N(R,260),S)>=R.s)throw[f,31];for(L=(J=0,R.XL.length),h=E,n=S;0<h;)T=n>>3,r=n%8,q=R.F[T],O=8-(r|0),O=O<h?O:h,c&&(z=R,z.X!=n>>6&&(z.X=n>>6,A=N(z,174),z.O=A_(z.S,[0,0,A[1],A[2]],z.X)),q^=R.O[T&L]),n+=O,J|=(q>>8-(r|0)-(O|0)&(1<<O)-1)<<(h|0)-(O|0),h-=O;return D(R,260,(c=J,(S|0)+(E|0))),c},Xf=function(E,R,c){if(3==E.length){for(c=0;3>c;c++)R[c]+=E[c];for(c=(E=[13,8,13,12,16,5,3,10,15],0);9>c;c++)R[3](R,c%3,E[c])}},t_=function(E,R,c){if("object"==(c=typeof E,c))if(E){if(E instanceof Array)return"array";if(E instanceof Object)return c;if("[object Window]"==(R=Object.prototype.toString.call(E),R))return"object";if("[object Array]"==R||"number"==typeof E.length&&"undefined"!=typeof E.splice&&"undefined"!=typeof E.propertyIsEnumerable&&!E.propertyIsEnumerable("splice"))return"array";if("[object Function]"==R||"undefined"!=typeof E.call&&"undefined"!=typeof E.propertyIsEnumerable&&!E.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==c&&"undefined"==typeof E.call)return"object";return c},G=function(E,R,c,L,O,J,h,S,q){if((R.A=((q=(O=(h=(S=4==(J=(L||R.H++,0<R.g&&R.i&&R.qN&&1>=R.T)&&!R.W&&!R.G&&(!L||1<R.v-E)&&0==document.hidden,R.H))||J?R.K():R.B,h)-R.B,O)>>14,R.S)&&(R.S^=q*(O<<2)),q)||R.A,R.C+=q,S)||J)R.B=h,R.H=0;if(!J||h-R.I<R.g-(c?255:L?5:2))return false;return(c=N(R,(R.v=E,L?63:260)),D(R,260,R.s),R.j).push([m4,c,L?E+1:E]),R.G=Y,true},vO=function(E,R){return(R=I(E),R)&128&&(R=R&127|I(E)<<7),R},o4=function(E,R,c,L){return N(c,(D(c,260,(HO(((L=N(c,260),c.F&&L<c.s)?(D(c,260,c.s),uN(R,c)):D(c,260,R),E),c),L)),446))},b=function(E,R,c,L,O,J){if(!E.l){if(3<(c=N(((R=((J=void 0,c&&c[0]===f&&(J=c[2],R=c[1],c=void 0),O=N(E,108),0)==O.length&&(L=N(E,63)>>3,O.push(R,L>>8&255,L&255),void 0!=J&&O.push(J&255)),""),c)&&(c.message&&(R+=c.message),c.stack&&(R+=":"+c.stack)),E),408),c)){J=(R=(c-=((R=R.slice(0,(c|0)-3),R).length|0)+3,rm(R)),E.A),E.A=E;try{B(279,X(R.length,2).concat(R),E,9)}finally{E.A=J}}D(E,408,c)}},Z8=function(E,R){return R[E]<<24|R[(E|0)+1]<<16|R[(E|0)+2]<<8|R[(E|0)+3]},I=function(E){return E.W?KU(E.Z,E):e(8,E,true)},zT=function(E){return E},EI=function(E,R,c,L,O){if(L=R[0],L==F)E.L=25,E.V(R);else if(L==P){O=R[1];try{c=E.h||E.V(R)}catch(J){l(J,E),c=E.h}O(c)}else if(L==m4)E.V(R);else if(L==M)E.V(R);else if(L==BO){try{for(c=0;c<E.P.length;c++)try{O=E.P[c],O[0][O[1]](O[2])}catch(J){}}catch(J){}(0,(E.P=[],R)[1])(function(J,h){E.u(J,true,h)},function(J){K([yE],(J=!E.j.length,E)),J&&a(true,false,E)})}else{if(L==C)return c=R[2],D(E,433,R[6]),D(E,446,c),E.V(R);L==yE?(E.o=null,E.F=[],E.N=[]):L==QE&&"loading"===x.document.readyState&&(E.G=function(J,h){function S(){h||(h=true,J())}(x.document.addEventListener("DOMContentLoaded",S,(h=false,u)),x).addEventListener("load",S,u)})}},B=function(E,R,c,L,O,J){if(c.A==c)for(O=N(c,E),279==E?(E=function(h,S,q,r){if((r=(S=O.length,S|0)-4>>3,O).Ul!=r){q=[0,(r=(r<<3)-(O.Ul=r,4),0),J[1],J[2]];try{O.z$=A_(Z8(r,O),q,Z8((r|0)+4,O))}catch(A){throw A;}}O.push(O.z$[S&7]^h)},J=N(c,485)):E=function(h){O.push(h)},L&&E(L&255),c=0,L=R.length;c<L;c++)E(R[c])},Y=x.requestIdleCallback?function(E){requestIdleCallback(function(){E()},{timeout:4})}:x.setImmediate?function(E){setImmediate(E)}:function(E){setTimeout(E,0)},WO=function(E,R,c,L){for(c=(L=W(E),0);0<R;R--)c=c<<8|I(E);D(E,L,c)},V=function(E,R,c){D(R,E,c),c[QE]=2796},y,U,N=function(E,R){if((E=E.o[R],void 0)===E)throw[f,30,R];if(E.value)return E.create();return(E.create(5*R*R+27*R+-58),E).prototype},HO=function(E,R,c,L,O,J){if(!R.h){R.T++;try{for(O=(J=(c=R.s,void 0),0);--E;)try{if((L=void 0,R).W)J=KU(R.W,R);else{if(O=N(R,260),O>=c)break;J=N(R,(D(R,63,O),L=W(R),L))}G((J&&J[yE]&2048?J(R,E):b(R,0,[f,21,L]),E),R,false,false)}catch(h){N(R,207)?b(R,22,h):D(R,207,h)}if(!E){if(R.bG){HO((R.T--,188885615751),R);return}b(R,0,[f,33])}}catch(h){try{b(R,22,h)}catch(S){l(S,R)}}R.T--}},N0=function(E,R,c,L,O,J){for(c=(O=E[gm]||{},R=W(E),O.El=W(E),O.D=[],J=E.A==E?(I(E)|0)-1:1,L=W(E),0);c<J;c++)O.D.push(W(E));for(O.oe=N(E,L);J--;)O.D[J]=N(E,O.D[J]);return O.R=N(E,R),O},KU=function(E,R){return(E=E.create().shift(),R).W.create().length||R.Z.create().length||(R.Z=void 0,R.W=void 0),E},u={passive:true,capture:true},gm=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),BO=(m.prototype.bG=!(m.prototype.J="toString",1),[]),f=(m.prototype.mf=(m.prototype.Vp=void 0,void 0),{}),M=[],m4=[],F=[],yE=[],QE=[],P=[],C=[],Y1=((iN,Z,Sy,Xf,m.prototype).U="create",U=m.prototype,U.nz=function(E,R,c,L,O,J){for(O=(c=0,[]),J=0;J<E.length;J++)for(c+=R,L=L<<R|E[J];7<c;)c-=8,O.push(L>>c&255);return O},U.DX=function(E,R,c,L,O){for(L=O=0;L<E.length;L++)O+=E.charCodeAt(L),O+=O<<10,O^=O>>6;return(O=(E=(O+=O<<3,O^=O>>11,O+(O<<15)>>>0),new Number(E&(1<<R)-1)),O)[0]=(E>>>R)%c,O},void 0),g=f.constructor;(((U.K=(window.performance||{}).now?function(){return this.Kz+window.performance.now()}:function(){return+new Date},U.th=(U.dC=function(){return Math.floor(this.Y+(this.K()-this.I))},function(){return Math.floor(this.K())}),U).SG=function(E,R,c){return E^(R^=R<<13,R^=R>>17,(R=(R^R<<5)&c)||(R=1),R)},U).u=function(E,R,c,L,O){if(c="array"===t_(c)?c:[c],this.h)E(this.h);else try{O=[],L=!this.j.length,K([F,O,c],this),K([P,E,O],this),R&&!L||a(R,true,this)}catch(J){l(J,this),E(this.h)}},m.prototype).V=function(E,R){return R=(Y1=(E={},function(){return R==E?-58:-12}),{}),function(c,L,O,J,h,S,q,r,A,n,z,T,v,w,p){R=(n=R,E);try{if(S=c[0],S==M){z=c[1];try{for(h=(T=(p=[],atob(z)),v=0);v<T.length;v++)A=T.charCodeAt(v),255<A&&(p[h++]=A&255,A>>=8),p[h++]=A;D(this,(this.s=(this.F=p,this.F.length)<<3,174),[0,0,0])}catch(H){b(this,17,H);return}HO(8001,this)}else if(S==F)c[1].push(N(this,139).length,N(this,115).length,N(this,408),N(this,279).length),D(this,446,c[2]),this.o[479]&&o4(8001,N(this,479),this);else{if(S==P){this.A=(J=(O=X(((p=c[2],N(this,139).length)|0)+2,2),this.A),this);try{r=N(this,108),0<r.length&&B(139,X(r.length,2).concat(r),this,10),B(139,X(this.C,1),this,109),B(139,X(this[P].length,1),this),T=0,T+=N(this,278)&2047,T-=(N(this,139).length|0)+5,w=N(this,279),4<w.length&&(T-=(w.length|0)+3),0<T&&B(139,X(T,2).concat(Z(T)),this,15),4<w.length&&B(139,X(w.length,2).concat(w),this,156)}finally{this.A=J}if(((h=Z(2).concat(N(this,139)),h)[1]=h[0]^6,h)[3]=h[1]^O[0],h[4]=h[1]^O[1],L=this.jG(h))L="!"+L;else for(L="",T=0;T<h.length;T++)q=h[T][this.J](16),1==q.length&&(q="0"+q),L+=q;return N((D(this,408,(N(this,(N(this,(v=L,139)).length=p.shift(),115)).length=p.shift(),p.shift())),this),279).length=p.shift(),v}if(S==m4)o4(c[2],c[1],this);else if(S==C)return o4(8001,c[1],this)}}finally{R=n}}}();var ey,D8=(m.prototype.rC=((m.prototype.jG=function(E,R,c,L){if(c=window.btoa){for(L=0,R="";L<E.length;L+=8192)R+=String.fromCharCode.apply(null,E.slice(L,L+8192));E=c(R).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else E=void 0;return E},m.prototype).xt=0,0),m.prototype[BO]=[0,0,1,1,0,1,1],/./),x1=M.pop.bind(m.prototype[F]),lN=function(E,R){return(R=pU())&&1===E.eval(R.createScript("1"))?function(c){return R.createScript(c)}:function(c){return""+c}}(((ey=(D8[m.prototype.J]=x1,wm(m.prototype.U,{get:x1})),m).prototype.G$=void 0,x));(40<(y=x.botguard||(x.botguard={}),y.m)||(y.m=41,y.bg=J_,y.a=sI),y).ABO_=function(E,R,c){return[(c=new m(E,R),function(L){return q0(c,L)})]};}).call(this);'));
}).call(this);
                                    

#2 JavaScript::Eval (size: 18121, repeated: 1) - SHA256: 6e82ce106cd3c2d7be378cb23b97e5c2cdf880eb5652dcebeb4888cbaef697e6

                                        (function() {
    var R4 = function(E, R, c, L, O, J) {
            function h() {
                if (E.A == E) {
                    if (E.o) {
                        var S = [C, R, c, void 0, O, J, arguments];
                        if (2 == L) var q = a(false, false, (K(S, E), E));
                        else if (1 == L) {
                            var r = !E.j.length;
                            K(S, E), r && a(false, false, E)
                        } else q = EI(E, S);
                        return q
                    }
                    O && J && O.removeEventListener(J, h, u)
                }
            }
            return h
        },
        J_ = function(E, R, c, L) {
            function O() {}
            return {
                invoke: (L = sI(E, (c = void 0, function(J) {
                    O && (R && Y(R), c = J, O(), O = void 0)
                }), !!R)[0], function(J, h, S, q) {
                    function r() {
                        c(function(A) {
                            Y(function() {
                                J(A)
                            })
                        }, S)
                    }
                    if (!h) return h = L(S), J && J(h), h;
                    c ? r() : (q = O, O = function() {
                        Y((q(), r))
                    })
                })
            }
        },
        D = function(E, R, c) {
            if (260 == R || 63 == R) E.o[R] ? E.o[R].concat(c) : E.o[R] = cO(E, c);
            else {
                if (E.l && 174 != R) return;
                139 == R || 279 == R || 115 == R || 108 == R || 485 == R ? E.o[R] || (E.o[R] = h_(134, c, R, E)) : E.o[R] = h_(17, c, R, E)
            }
            174 == R && (E.S = e(32, E, false), E.X = void 0)
        },
        l = function(E, R) {
            R.h = ((R.h ? R.h + "~" : "E:") + E.message + ":" + E.stack).slice(0, 2048)
        },
        Sy = function(E, R, c, L) {
            try {
                L = E[((R | 0) + 2) % 3], E[R] = (E[R] | 0) - (E[((R | 0) + 1) % 3] | 0) - (L | 0) ^ (1 == R ? L << c : L >>> c)
            } catch (O) {
                throw O;
            }
        },
        OI = function(E, R) {
            return R(function(c) {
                c(E)
            }), [function() {
                return E
            }]
        },
        q0 = function(E, R, c) {
            return E.u(function(L) {
                c = L
            }, false, R), c
        },
        CU = function(E, R, c, L, O) {
            (L = N((c = W((L = (E &= (O = E & 4, 3), W(R)), R)), R), L), O && (L = rm("" + L)), E) && B(c, X(L.length, 2), R), B(c, L, R)
        },
        W = function(E, R) {
            if (E.W) return KU(E.Z, E);
            return (R = e(8, E, true), R & 128) && (R ^= 128, E = e(2, E, true), R = (R << 2) + (E | 0)), R
        },
        m = function(E, R, c) {
            c = this;
            try {
                a4(this, R, E)
            } catch (L) {
                l(L, this), R(function(O) {
                    O(c.h)
                })
            }
        },
        A_ = function(E, R, c, L, O) {
            for (R = (L = R[O = 0, 3] | 0, R[2] | 0); 14 > O; O++) c = c >>> 8 | c << 24, L = L >>> 8 | L << 24, c += E | 0, E = E << 3 | E >>> 29, c ^= R + 1890, L += R | 0, L ^= O + 1890, R = R << 3 | R >>> 29, E ^= c, R ^= L;
            return [E >>> 24 & 255, E >>> 16 & 255, E >>> 8 & 255, E >>> 0 & 255, c >>> 24 & 255, c >>> 16 & 255, c >>> 8 & 255, c >>> 0 & 255]
        },
        uN = function(E, R) {
            D(R, 260, ((R.hh.push(R.o.slice()), R).o[260] = void 0, E))
        },
        Z = function(E, R) {
            for (R = []; E--;) R.push(255 * Math.random() | 0);
            return R
        },
        sI = function(E, R, c, L) {
            return (L = y[E.substring(0, 3) + "_"]) ? L(E.substring(3), R, c) : OI(E, R)
        },
        cO = function(E, R, c) {
            return (c = g[E.U](E.sl), c[E.U] = function() {
                return R
            }, c).concat = function(L) {
                R = L
            }, c
        },
        iN = function(E, R) {
            ((R.push(E[0] << 24 | E[1] << 16 | E[2] << 8 | E[3]), R).push(E[4] << 24 | E[5] << 16 | E[6] << 8 | E[7]), R).push(E[8] << 24 | E[9] << 16 | E[10] << 8 | E[11])
        },
        X = function(E, R, c, L) {
            for (c = (L = [], R | 0) - 1; 0 <= c; c--) L[(R | 0) - 1 - (c | 0)] = E >> 8 * c & 255;
            return L
        },
        nU = function(E, R, c, L) {
            L = (c = W(E), W(E)), B(L, X(N(E, c), R), E)
        },
        TT = function(E, R, c, L) {
            for (; R.j.length;) {
                c = (R.G = null, R.j.pop());
                try {
                    L = EI(R, c)
                } catch (O) {
                    l(O, R)
                }
                if (E && R.G) {
                    (E = R.G, E)(function() {
                        a(true, true, R)
                    });
                    break
                }
            }
            return L
        },
        wm = function(E, R) {
            return g[E](g.prototype, {
                parent: R,
                propertyIsEnumerable: R,
                prototype: R,
                console: R,
                floor: R,
                document: R,
                splice: R,
                replace: R,
                call: R,
                pop: R,
                length: R,
                stack: R
            })
        },
        h_ = function(E, R, c, L, O, J, h, S) {
            return h = g[L.U]((J = (R = [51, 27, -23, 78, 28, -90, (O = Y1, R), 37, -90, 16], E & 7), L).Ah), h[L.U] = function(q) {
                J += (S = q, 6) + 7 * E, J &= 7
            }, h.concat = function(q) {
                return (q = (q = c % 16 + 1, 5) * c * c * q - -1972 * S - 918 * c * S + J + 34 * S * S + (O() | 0) * q - q * S + R[J + 35 & 7] * c * q - 170 * c * c * S, q = R[q], S = void 0, R)[(J + 61 & 7) + (E & 2)] = q, R[J + (E & 2)] = 27, q
            }, h
        },
        a = function(E, R, c, L, O, J) {
            if (c.j.length) {
                c.qN = (c.i && 0(), E), c.i = true;
                try {
                    O = c.K(), c.I = O, c.H = 0, c.B = O, L = TT(E, c), J = c.K() - c.I, c.Y += J, J < (R ? 0 : 10) || 0 >= c.L-- || (J = Math.floor(J), c.N.push(254 >= J ? J : 254))
                } finally {
                    c.i = false
                }
                return L
            }
        },
        pU = function(E, R) {
            if (R = (E = null, x).trustedTypes, !R || !R.createPolicy) return E;
            try {
                E = R.createPolicy("bg", {
                    createHTML: zT,
                    createScript: zT,
                    createScriptURL: zT
                })
            } catch (c) {
                x.console && x.console.error(c.message)
            }
            return E
        },
        K = function(E, R) {
            R.j.splice(0, 0, E)
        },
        a4 = function(E, R, c, L, O) {
            for (L = (O = ((E.Ah = ((E.yp = D8, E).pz = ey, E.XL = E[P], wm)(E.U, {get: function() {
                        return this.concat()
                    }
                }), E).sl = g[E.U](E.Ah, {
                    value: {
                        value: {}
                    }
                }), []), 0); 128 > L; L++) O[L] = String.fromCharCode(L);
            ((K([(V(348, E, (V((V(390, E, ((V(461, ((V(452, E, (V(249, E, (V(364, (V((V(164, (V(188, ((V(234, E, (D(E, 139, [160, 0, (D(E, 115, (D(E, 279, (V(69, E, (V((V(61, (V(141, (D(E, (E.eG = (D(E, (V((D((V(437, (D(E, 485, (D(E, (V(229, E, (D(E, ((D(E, 408, (V(200, (V(402, E, (V(236, E, (D(E, (V(214, E, (V(0, ((V(23, (D(E, 293, (D(E, (D(E, 260, (E.Kz = (E.WF = (E.g = ((E.h = (E.P = [], void 0), E.X = void 0, E).W = void 0, E.T = (E.v = (E.C = 1, E.Y = 0, 8001), 0), (E.B = 0, E).L = (E.A = E, E.o = [], E.F = [], (E.H = void 0, E).N = [], (E.qN = false, E.Z = void 0, E.G = null, E).S = void 0, (E.j = [], E.O = void 0, E).l = ((E.ZX = 0, E).s = 0, L = (E.I = 0, window.performance || {}), false), E.hh = [], 25), 0), function(J) {
                this.A = J
            }), E.i = false, L.timeOrigin || (L.timing || {}).navigationStart || 0), 0)), 63), 0), E)), E), function(J, h, S, q, r, A, n) {
                for (q = (h = N(J, (n = (A = W(J), r = vO(J), ""), 224)), h.length), S = 0; r--;) S = ((S | 0) + (vO(J) | 0)) % q, n += O[h[S]];
                D(J, A, n)
            }), V)(406, E, function(J) {
                CU(3, J)
            }), E), function(J, h, S, q) {
                D(J, (S = (h = W(J), W(J)), q = W(J), q), N(J, h) || N(J, S))
            }), function() {})), 21), 0), function(J, h, S, q) {
                D(J, (S = N(J, (q = N(J, (h = (q = (S = W(J), W(J)), W(J)), q)), S)), h), S in q | 0)
            })), function(J, h, S) {
                0 != N(J, (h = N(J, (h = W((S = W(J), J)), h)), S)) && D(J, 260, h)
            })), E), function(J) {
                CU(4, J)
            }), 2048)), V)(128, E, function(J, h, S) {
                (h = N(J, (S = (h = W(J), W(J)), h)), h = t_(h), D)(J, S, h)
            }), 207), 467), function(J, h, S, q) {
                S = (h = I((q = W(J), J)), W(J)), D(J, S, N(J, q) >>> h)
            })), 416), x), [0, 0, 0])), E), function(J, h, S, q) {
                D(J, (S = (h = (q = (h = W(J), W(J)), N(J, h)), N(J, q)), q), S + h)
            }), E), 108, []), 317), E, function(J, h, S, q, r, A, n, z, T, v, w, p) {
                function H(t, Q) {
                    for (; r < t;) p |= I(J) << r, r += 8;
                    return Q = (r -= t, p) & (1 << t) - 1, p >>= t, Q
                }
                for (p = (n = W(J), r = 0), T = (H(3) | 0) + 1, S = H(5), h = [], q = w = 0; w < S; w++) z = H(1), h.push(z), q += z ? 0 : 1;
                for (v = (q = (w = ((q | 0) - 1).toString(2).length, 0), []); q < S; q++) h[q] || (v[q] = H(w));
                for (w = 0; w < S; w++) h[w] && (v[w] = W(J));
                for (A = []; T--;) A.push(N(J, W(J)));
                V(n, J, function(t, Q, d, k, LU) {
                    for (Q = (LU = (d = [], []), 0); Q < S; Q++) {
                        if (!h[k = v[Q], Q]) {
                            for (; k >= d.length;) d.push(W(t));
                            k = d[k]
                        }
                        LU.push(k)
                    }
                    t.Z = cO(t, (t.W = cO(t, A.slice()), LU))
                })
            }), 446), {}), 0), 278), 0), E), function(J) {
                nU(J, 4)
            }), E), function(J, h, S, q) {
                D(J, (q = (S = N(J, (q = (S = W(J), W(J)), h = W(J), S)), N)(J, q), h), +(S == q))
            }), 409), E, function(J, h) {
                (J = N((h = W(J), J.A), h), J[0]).removeEventListener(J[1], J[2], u)
            }), function(J, h, S, q, r) {
                for (r = (S = (q = vO((h = W(J), J)), 0), []); S < q; S++) r.push(I(J));
                D(J, h, r)
            })), Z(4))), [])), 0)]), function(J, h, S, q) {
                (h = (S = W(J), W(J)), q = W(J), J.A == J) && (q = N(J, q), h = N(J, h), N(J, S)[h] = q, 174 == S && (J.X = void 0, 2 == h && (J.S = e(32, J, false), J.X = void 0)))
            })), V)(209, E, function(J, h, S) {
                D(J, (S = (h = W(J), W)(J), S), "" + N(J, h))
            }), E), function(J, h, S, q, r) {
                h = N(J, (r = (S = N((r = (h = (q = W(J), W(J)), W(J)), S = W(J), J), S), q = N(J.A, q), N(J, r)), h)), 0 !== q && (S = R4(J, r, S, 1, q, h), q.addEventListener(h, S, u), D(J, 21, [q, h, S]))
            }), E), function(J) {
                nU(J, 1)
            }), 225), E, function(J, h, S, q, r, A) {
                G(h, J, false, true) || (q = N0(J.A), h = q.R, S = q.oe, A = q.D, r = A.length, q = q.El, h = 0 == r ? new S[h] : 1 == r ? new S[h](A[0]) : 2 == r ? new S[h](A[0], A[1]) : 3 == r ? new S[h](A[0], A[1], A[2]) : 4 == r ? new S[h](A[0], A[1], A[2], A[3]) : 2(), D(J, q, h))
            }), E.ae = 0, E), function(J, h, S) {
                G(h, J, false, true) || (h = W(J), S = W(J), D(J, S, function(q) {
                    return eval(q)
                }(lN(N(J.A, h)))))
            }), function(J, h) {
                h = N(J, W(J)), uN(h, J.A)
            })), function(J, h, S, q, r, A) {
                if (!G(h, J, true, true)) {
                    if ("object" == t_((A = (h = N((q = W((A = (r = W((h = W(J), J)), W(J)), J)), J), h), r = N(J, r), N(J, A)), J = N(J, q), h))) {
                        for (S in q = [], h) q.push(S);
                        h = q
                    }
                    for (A = 0 < A ? A : 1, S = 0, q = h.length; S < q; S += A) r(h.slice(S, (S | 0) + (A | 0)), J)
                }
            })), E).kt = 0, E), function(J) {
                WO(J, 4)
            }), V)(252, E, function(J, h, S, q, r) {
                S = N(J, (q = N(J, (r = N(J, (q = (r = (S = (h = W(J), W(J)), W(J)), W(J)), r)), q)), S)), D(J, h, R4(J, S, r, q))
            }), function(J, h, S, q) {
                !G(h, J, false, true) && (h = N0(J), S = h.R, q = h.oe, J.A == J || S == J.WF && q == J) && (D(J, h.El, S.apply(q, h.D)), J.B = J.K())
            })), 447), E, function(J, h, S, q) {
                if (S = J.hh.pop()) {
                    for (q = I(J); 0 < q; q--) h = W(J), S[h] = J.o[h];
                    ((S[108] = J.o[108], S)[408] = J.o[408], J).o = S
                } else D(J, 260, J.s)
            }), function(J, h, S, q) {
                h = (S = N(J, (q = W((h = (S = W(J), W(J)), J)), S)), N(J, h)), D(J, q, S[h])
            })), QE)], E), K)([M, c], E), K)([BO, R], E), a(true, true, E)
        },
        rm = function(E, R, c, L, O) {
            for (O = (E = E.replace(/\r\n/g, "\n"), []), R = L = 0; L < E.length; L++) c = E.charCodeAt(L), 128 > c ? O[R++] = c : (2048 > c ? O[R++] = c >> 6 | 192 : (55296 == (c & 64512) && L + 1 < E.length && 56320 == (E.charCodeAt(L + 1) & 64512) ? (c = 65536 + ((c & 1023) << 10) + (E.charCodeAt(++L) & 1023), O[R++] = c >> 18 | 240, O[R++] = c >> 12 & 63 | 128) : O[R++] = c >> 12 | 224, O[R++] = c >> 6 & 63 | 128), O[R++] = c & 63 | 128);
            return O
        },
        x = this || self,
        e = function(E, R, c, L, O, J, h, S, q, r, A, n, z, T) {
            if ((S = N(R, 260), S) >= R.s) throw [f, 31];
            for (L = (J = 0, R.XL.length), h = E, n = S; 0 < h;) T = n >> 3, r = n % 8, q = R.F[T], O = 8 - (r | 0), O = O < h ? O : h, c && (z = R, z.X != n >> 6 && (z.X = n >> 6, A = N(z, 174), z.O = A_(z.S, [0, 0, A[1], A[2]], z.X)), q ^= R.O[T & L]), n += O, J |= (q >> 8 - (r | 0) - (O | 0) & (1 << O) - 1) << (h | 0) - (O | 0), h -= O;
            return D(R, 260, (c = J, (S | 0) + (E | 0))), c
        },
        Xf = function(E, R, c) {
            if (3 == E.length) {
                for (c = 0; 3 > c; c++) R[c] += E[c];
                for (c = (E = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > c; c++) R[3](R, c % 3, E[c])
            }
        },
        t_ = function(E, R, c) {
            if ("object" == (c = typeof E, c))
                if (E) {
                    if (E instanceof Array) return "array";
                    if (E instanceof Object) return c;
                    if ("[object Window]" == (R = Object.prototype.toString.call(E), R)) return "object";
                    if ("[object Array]" == R || "number" == typeof E.length && "undefined" != typeof E.splice && "undefined" != typeof E.propertyIsEnumerable && !E.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == R || "undefined" != typeof E.call && "undefined" != typeof E.propertyIsEnumerable && !E.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == c && "undefined" == typeof E.call) return "object";
            return c
        },
        G = function(E, R, c, L, O, J, h, S, q) {
            if ((R.A = ((q = (O = (h = (S = 4 == (J = (L || R.H++, 0 < R.g && R.i && R.qN && 1 >= R.T) && !R.W && !R.G && (!L || 1 < R.v - E) && 0 == document.hidden, R.H)) || J ? R.K() : R.B, h) - R.B, O) >> 14, R.S) && (R.S ^= q * (O << 2)), q) || R.A, R.C += q, S) || J) R.B = h, R.H = 0;
            if (!J || h - R.I < R.g - (c ? 255 : L ? 5 : 2)) return false;
            return (c = N(R, (R.v = E, L ? 63 : 260)), D(R, 260, R.s), R.j).push([m4, c, L ? E + 1 : E]), R.G = Y, true
        },
        vO = function(E, R) {
            return (R = I(E), R) & 128 && (R = R & 127 | I(E) << 7), R
        },
        o4 = function(E, R, c, L) {
            return N(c, (D(c, 260, (HO(((L = N(c, 260), c.F && L < c.s) ? (D(c, 260, c.s), uN(R, c)) : D(c, 260, R), E), c), L)), 446))
        },
        b = function(E, R, c, L, O, J) {
            if (!E.l) {
                if (3 < (c = N(((R = ((J = void 0, c && c[0] === f && (J = c[2], R = c[1], c = void 0), O = N(E, 108), 0) == O.length && (L = N(E, 63) >> 3, O.push(R, L >> 8 & 255, L & 255), void 0 != J && O.push(J & 255)), ""), c) && (c.message && (R += c.message), c.stack && (R += ":" + c.stack)), E), 408), c)) {
                    J = (R = (c -= ((R = R.slice(0, (c | 0) - 3), R).length | 0) + 3, rm(R)), E.A), E.A = E;
                    try {
                        B(279, X(R.length, 2).concat(R), E, 9)
                    } finally {
                        E.A = J
                    }
                }
                D(E, 408, c)
            }
        },
        Z8 = function(E, R) {
            return R[E] << 24 | R[(E | 0) + 1] << 16 | R[(E | 0) + 2] << 8 | R[(E | 0) + 3]
        },
        I = function(E) {
            return E.W ? KU(E.Z, E) : e(8, E, true)
        },
        zT = function(E) {
            return E
        },
        EI = function(E, R, c, L, O) {
            if (L = R[0], L == F) E.L = 25, E.V(R);
            else if (L == P) {
                O = R[1];
                try {
                    c = E.h || E.V(R)
                } catch (J) {
                    l(J, E), c = E.h
                }
                O(c)
            } else if (L == m4) E.V(R);
            else if (L == M) E.V(R);
            else if (L == BO) {
                try {
                    for (c = 0; c < E.P.length; c++) try {
                        O = E.P[c], O[0][O[1]](O[2])
                    } catch (J) {}
                } catch (J) {}(0, (E.P = [], R)[1])(function(J, h) {
                    E.u(J, true, h)
                }, function(J) {
                    K([yE], (J = !E.j.length, E)), J && a(true, false, E)
                })
            } else {
                if (L == C) return c = R[2], D(E, 433, R[6]), D(E, 446, c), E.V(R);
                L == yE ? (E.o = null, E.F = [], E.N = []) : L == QE && "loading" === x.document.readyState && (E.G = function(J, h) {
                    function S() {
                        h || (h = true, J())
                    }(x.document.addEventListener("DOMContentLoaded", S, (h = false, u)), x).addEventListener("load", S, u)
                })
            }
        },
        B = function(E, R, c, L, O, J) {
            if (c.A == c)
                for (O = N(c, E), 279 == E ? (E = function(h, S, q, r) {
                        if ((r = (S = O.length, S | 0) - 4 >> 3, O).Ul != r) {
                            q = [0, (r = (r << 3) - (O.Ul = r, 4), 0), J[1], J[2]];
                            try {
                                O.z$ = A_(Z8(r, O), q, Z8((r | 0) + 4, O))
                            } catch (A) {
                                throw A;
                            }
                        }
                        O.push(O.z$[S & 7] ^ h)
                    }, J = N(c, 485)) : E = function(h) {
                        O.push(h)
                    }, L && E(L & 255), c = 0, L = R.length; c < L; c++) E(R[c])
        },
        Y = x.requestIdleCallback ? function(E) {
            requestIdleCallback(function() {
                E()
            }, {
                timeout: 4
            })
        } : x.setImmediate ? function(E) {
            setImmediate(E)
        } : function(E) {
            setTimeout(E, 0)
        },
        WO = function(E, R, c, L) {
            for (c = (L = W(E), 0); 0 < R; R--) c = c << 8 | I(E);
            D(E, L, c)
        },
        V = function(E, R, c) {
            D(R, E, c), c[QE] = 2796
        },
        y, U, N = function(E, R) {
            if ((E = E.o[R], void 0) === E) throw [f, 30, R];
            if (E.value) return E.create();
            return (E.create(5 * R * R + 27 * R + -58), E).prototype
        },
        HO = function(E, R, c, L, O, J) {
            if (!R.h) {
                R.T++;
                try {
                    for (O = (J = (c = R.s, void 0), 0); --E;) try {
                        if ((L = void 0, R).W) J = KU(R.W, R);
                        else {
                            if (O = N(R, 260), O >= c) break;
                            J = N(R, (D(R, 63, O), L = W(R), L))
                        }
                        G((J && J[yE] & 2048 ? J(R, E) : b(R, 0, [f, 21, L]), E), R, false, false)
                    } catch (h) {
                        N(R, 207) ? b(R, 22, h) : D(R, 207, h)
                    }
                    if (!E) {
                        if (R.bG) {
                            HO((R.T--, 188885615751), R);
                            return
                        }
                        b(R, 0, [f, 33])
                    }
                } catch (h) {
                    try {
                        b(R, 22, h)
                    } catch (S) {
                        l(S, R)
                    }
                }
                R.T--
            }
        },
        N0 = function(E, R, c, L, O, J) {
            for (c = (O = E[gm] || {}, R = W(E), O.El = W(E), O.D = [], J = E.A == E ? (I(E) | 0) - 1 : 1, L = W(E), 0); c < J; c++) O.D.push(W(E));
            for (O.oe = N(E, L); J--;) O.D[J] = N(E, O.D[J]);
            return O.R = N(E, R), O
        },
        KU = function(E, R) {
            return (E = E.create().shift(), R).W.create().length || R.Z.create().length || (R.Z = void 0, R.W = void 0), E
        },
        u = {
            passive: true,
            capture: true
        },
        gm = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        BO = (m.prototype.bG = !(m.prototype.J = "toString", 1), []),
        f = (m.prototype.mf = (m.prototype.Vp = void 0, void 0), {}),
        M = [],
        m4 = [],
        F = [],
        yE = [],
        QE = [],
        P = [],
        C = [],
        Y1 = ((iN, Z, Sy, Xf, m.prototype).U = "create", U = m.prototype, U.nz = function(E, R, c, L, O, J) {
            for (O = (c = 0, []), J = 0; J < E.length; J++)
                for (c += R, L = L << R | E[J]; 7 < c;) c -= 8, O.push(L >> c & 255);
            return O
        }, U.DX = function(E, R, c, L, O) {
            for (L = O = 0; L < E.length; L++) O += E.charCodeAt(L), O += O << 10, O ^= O >> 6;
            return (O = (E = (O += O << 3, O ^= O >> 11, O + (O << 15) >>> 0), new Number(E & (1 << R) - 1)), O)[0] = (E >>> R) % c, O
        }, void 0),
        g = f.constructor;
    (((U.K = (window.performance || {}).now ? function() {
        return this.Kz + window.performance.now()
    } : function() {
        return +new Date
    }, U.th = (U.dC = function() {
        return Math.floor(this.Y + (this.K() - this.I))
    }, function() {
        return Math.floor(this.K())
    }), U).SG = function(E, R, c) {
        return E ^ (R ^= R << 13, R ^= R >> 17, (R = (R ^ R << 5) & c) || (R = 1), R)
    }, U).u = function(E, R, c, L, O) {
        if (c = "array" === t_(c) ? c : [c], this.h) E(this.h);
        else try {
            O = [], L = !this.j.length, K([F, O, c], this), K([P, E, O], this), R && !L || a(R, true, this)
        } catch (J) {
            l(J, this), E(this.h)
        }
    }, m.prototype).V = function(E, R) {
        return R = (Y1 = (E = {}, function() {
                return R == E ? -58 : -12
            }), {}),
            function(c, L, O, J, h, S, q, r, A, n, z, T, v, w, p) {
                R = (n = R, E);
                try {
                    if (S = c[0], S == M) {
                        z = c[1];
                        try {
                            for (h = (T = (p = [], atob(z)), v = 0); v < T.length; v++) A = T.charCodeAt(v), 255 < A && (p[h++] = A & 255, A >>= 8), p[h++] = A;
                            D(this, (this.s = (this.F = p, this.F.length) << 3, 174), [0, 0, 0])
                        } catch (H) {
                            b(this, 17, H);
                            return
                        }
                        HO(8001, this)
                    } else if (S == F) c[1].push(N(this, 139).length, N(this, 115).length, N(this, 408), N(this, 279).length), D(this, 446, c[2]), this.o[479] && o4(8001, N(this, 479), this);
                    else {
                        if (S == P) {
                            this.A = (J = (O = X(((p = c[2], N(this, 139).length) | 0) + 2, 2), this.A), this);
                            try {
                                r = N(this, 108), 0 < r.length && B(139, X(r.length, 2).concat(r), this, 10), B(139, X(this.C, 1), this, 109), B(139, X(this[P].length, 1), this), T = 0, T += N(this, 278) & 2047, T -= (N(this, 139).length | 0) + 5, w = N(this, 279), 4 < w.length && (T -= (w.length | 0) + 3), 0 < T && B(139, X(T, 2).concat(Z(T)), this, 15), 4 < w.length && B(139, X(w.length, 2).concat(w), this, 156)
                            } finally {
                                this.A = J
                            }
                            if (((h = Z(2).concat(N(this, 139)), h)[1] = h[0] ^ 6, h)[3] = h[1] ^ O[0], h[4] = h[1] ^ O[1], L = this.jG(h)) L = "!" + L;
                            else
                                for (L = "", T = 0; T < h.length; T++) q = h[T][this.J](16), 1 == q.length && (q = "0" + q), L += q;
                            return N((D(this, 408, (N(this, (N(this, (v = L, 139)).length = p.shift(), 115)).length = p.shift(), p.shift())), this), 279).length = p.shift(), v
                        }
                        if (S == m4) o4(c[2], c[1], this);
                        else if (S == C) return o4(8001, c[1], this)
                    }
                } finally {
                    R = n
                }
            }
    }();
    var ey, D8 = (m.prototype.rC = ((m.prototype.jG = function(E, R, c, L) {
            if (c = window.btoa) {
                for (L = 0, R = ""; L < E.length; L += 8192) R += String.fromCharCode.apply(null, E.slice(L, L + 8192));
                E = c(R).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else E = void 0;
            return E
        }, m.prototype).xt = 0, 0), m.prototype[BO] = [0, 0, 1, 1, 0, 1, 1], /./),
        x1 = M.pop.bind(m.prototype[F]),
        lN = function(E, R) {
            return (R = pU()) && 1 === E.eval(R.createScript("1")) ? function(c) {
                return R.createScript(c)
            } : function(c) {
                return "" + c
            }
        }(((ey = (D8[m.prototype.J] = x1, wm(m.prototype.U, {get: x1
        })), m).prototype.G$ = void 0, x));
    (40 < (y = x.botguard || (x.botguard = {}), y.m) || (y.m = 41, y.bg = J_, y.a = sI), y).ABO_ = function(E, R, c) {
        return [(c = new m(E, R), function(L) {
            return q0(c, L)
        })]
    };
}).call(this);
                                    

#3 JavaScript::Eval (size: 62, repeated: 1) - SHA256: 9a40ef33f7700831131770a8048c5a08faa312d7311fc2c6ced1909ea6e458ce

                                        0,
function(J, h, S) {
    S = (h = (S = W(J), W)(J), J.o)[S] && N(J, S), D(J, h, S)
}
                                    

#4 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 531ec07d216cb5810b6ebf63f292c8c1759049139e175d847973b17cd08238fa

                                        0,
function(J) {
    WO(J, 1)
}
                                    

#5 JavaScript::Eval (size: 22, repeated: 1) - SHA256: d651a2902f113132877a12117727707b1031e8f12615f8a3a0ad138ea5eb79ea

                                        0,
function(J) {
    WO(J, 2)
}
                                    

Executed Writes (0)



HTTP Transactions (110)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7181
Expires: Tue, 27 Sep 2022 09:32:56 GMT
Date: Tue, 27 Sep 2022 07:33:15 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 06:44:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F3bCxSbUx9l82_-ez4KMYFvvq1tXHCrNSrLcVcYBylT-_sh4y3dNbQ==
Age: 2939


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13739
Expires: Tue, 27 Sep 2022 11:22:14 GMT
Date: Tue, 27 Sep 2022 07:33:15 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Hu5WjRU59wnPcMa7onFtGD0y69V2uhVBV1S1hfXCd2kzJaCPAnxCux4WJRs0fFSom/W0rvD4O5A=
x-amz-request-id: 0ZJF6X5APRBE2ZKR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 06:46:43 GMT
age: 2792
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 HTTP/1.1 
Host: seguro.poweroferta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         170.82.173.30
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Tue, 27 Sep 2022 07:33:15 GMT
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.poweroferta.com:443/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078
X-GoCache-CacheStatus: BYPASS
Server: gocache


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   134
Md5:    4aa7a432bb447f094408f1bd6229c605
Sha1:   1965c4952cc8c082a6307ed67061a57aab6632fa
Sha256: 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 07:33:15 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 07:10:46 GMT
Expires: Tue, 27 Sep 2022 07:38:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HvhO7oOp__lYQba23V0vwrIv-6bihh1KgyPVGItmERX_VtB6v0ircQ==
Age: 1350


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A17A3EF70990B0B58BC5600096D81B3593A246A821F869DB3D52D9A3949553FF"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Tue, 27 Sep 2022 13:32:41 GMT
Date: Tue, 27 Sep 2022 07:33:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2700
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:16 GMT
Last-Modified: Tue, 27 Sep 2022 06:48:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /V5EFyFMb8WQ9tUQPyYjwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.98.34
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UaOkWqp4vZ0Jy2tJNQ9Gt9qJ0TA=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

                                        
                                            GET /checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 HTTP/1.1 
Host: seguro.poweroferta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         170.82.173.30
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 07:33:16 GMT
location: https://seguro.poweroferta.com/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InR3VzlsRHNDcTVWdlY1QzRnNXJvZEE9PSIsInZhbHVlIjoia242cVI0aktzSjVCd05MaHpkNXoyd0E3U0c3S0k1dTBLMmhIRjhSeHBVcWNIcDZ1TnN0dHU1QWNWd2lQeTBSNll0RUlkRDB6VXJkeEJLTklvUHNRV3c9PSIsIm1hYyI6ImRjMjIwMTRlNzMwYWZhYTNiMTZlOTQ4ZjkzMzc2OTAzMzc3ODFhMDRhODUxYmEwNTNlZWY2NmE1OGYwOGFmOTcifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:16 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6Ikw4R2toNVwvVXFwS0xubEdSTzJNOFFnPT0iLCJ2YWx1ZSI6ImxaQ3J6VTVHNUV0ZVJWWmlBdFpSVVBLcnRXaEh3NkZSeEhDR0EzK2hcL3hncnFYS2R4NHhQWDdUQ1hxYzJ1aGh5Szd1eSs3OUpHdmRad2RWNENmenVHdz09IiwibWFjIjoiMjA1ZGZmZjk1YWFlOGU0NzEyNzMwOTM4NDU0MjA0NGQwMzhlZWRkYTE1Zjk3MmEyNmQ2OTM4MDY2ODY1NjUxYyJ9; expires=Tue, 27-Sep-2022 10:33:16 GMT; Max-Age=10800; path=/; httponly loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D; expires=Sun, 02-Oct-2022 07:33:16 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22768
Md5:    bbee5fb0c7508549b69c69d4584edeff
Sha1:   c993f26e76b99198249b562316f1f1a3446a2aa3
Sha256: a34e2d806ed5e31b2967ec23ad371cdeef4263dd9df4e9b79a250379b50f594e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 35039
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5319
Md5:    46e31aa06b8e86a9a5f9ba1cc3feca08
Sha1:   75df3341e30281fcbf78c7074980356fdf0be8e2
Sha256: d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 34201
etag: "2b53c4f836970501a682dae07235215c487d35cc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7716
Md5:    8ef8d9284ebd57a7cf76ceb762291356
Sha1:   2b53c4f836970501a682dae07235215c487d35cc
Sha256: 3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10864
x-amzn-requestid: a6be937a-3e8f-4dad-bbca-f28554f5ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioQqFHsoAMFxXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420d0-78fecb9e2f76416044839a35;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:08:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: l-svEjPVAfeYvCQAHsARjTk9PNdkVGUJA_2415312kWF2x6MDI7o7A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:17:07 GMT
age: 65770
etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10864
Md5:    56c3768b851e6a5206cbfbe3f5a97cae
Sha1:   2a2fabd9f9792daf9c058fc754d5616267b703f1
Sha256: 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 65086
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8255
Md5:    fa70ece15044b7318cb11ae5e37a64e7
Sha1:   04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
Sha256: 8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 35039
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /sdk/javascript/v1/mercadopago.js HTTP/1.1 
Host: secure.mlstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "825262-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: d2e52704-7958-472c-b559-cac792b41f98
X-Request-Device-Id: d2e52704-7958-472c-b559-cac792b41f98
X-D2id: d2e52704-7958-472c-b559-cac792b41f98
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (25829), with no line terminators
Size:   9065
Md5:    13e3cc8ff400bf1da09ba98065151e4a
Sha1:   05da8917634372f71cd2f851e42129fecfb2f45f
Sha256: 9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:18 GMT
Server: ECS (amb/6BB5)
Content-Length: 280

                                        
                                            POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2759
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:18 GMT
Last-Modified: Tue, 27 Sep 2022 06:47:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 27 Sep 2022 07:33:18 GMT
date: Tue, 27 Sep 2022 07:33:18 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    7d84c4456027d3c2e042f55c624444cb
Sha1:   ae1299213270a14574bac01f8f91d29a4c9ffd7c
Sha256: 5ac486ab075825fc510d276894e2a289866e243bbb1efe2f5246c710f307aae4
                                        
                                            GET /v0.js HTTP/1.1 
Host: js.upnid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         130.211.14.112
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
vary: Origin
content-encoding: br
via: 1.1 google
content-length: 8310
date: Tue, 27 Sep 2022 07:25:29 GMT
age: 469
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23050)
Size:   8310
Md5:    49fa980f95bb3bbff8b7a2857a727d5d
Sha1:   9e931943f03079522318820948018d78610eaca4
Sha256: 4e295d58275798f67bf7b9c48b8cae16238c9a3dabca082238e7bab8eaa34943
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DC92B3FDCD34F33B5A7C901593BE6A677C01D38A9A76D63B5B012863BA2344DB"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13674
Expires: Tue, 27 Sep 2022 11:21:12 GMT
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:18 GMT
Server: ECS (amb/6BB5)
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f5d289b8.png HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.3.88
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
content-length: 9665
x-amz-id-2: bYYK0NFZ5dNm+0hOiRtWVm56DXbyOJsUswzTjFDPLu2WxLaMGJp2JwJ1UIDCvJUEnFB+Jy8cLE0=
x-amz-request-id: SB6T4EV0GERXNBSW
last-modified: Wed, 05 May 2021 12:28:44 GMT
x-amz-version-id: 9qEFXlq0ADyMSYF5gYLucNhB_XBEjUOM
etag: "ff0f08e495143eaeead6e6a41b6f760b"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8BlvZQgoh4Hsfu78yrgy2dVUFpc5%2B6jgXcIgE2KOL8FtN6g3RYODFMLrHQkp%2Bz%2BKdmFB5v%2B4ySFC2cEEBZ4L6oZkc0rlTY3nHdgNP9GWzJWwzUdO%2FoADbLn7O2rDcb0sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f58b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   9665
Md5:    ff0f08e495143eaeead6e6a41b6f760b
Sha1:   c41983416e217ae3a2cb70578d2e6dfd0299a3ad
Sha256: dae3f404cc48f14d6a383843f2f9b7feb1cac287453ef167a0e30b684494ee91
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DC92B3FDCD34F33B5A7C901593BE6A677C01D38A9A76D63B5B012863BA2344DB"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13674
Expires: Tue, 27 Sep 2022 11:21:12 GMT
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive

                                        
                                            GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f416bb0a.png HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.3.88
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
content-length: 12650
x-amz-id-2: jidSwKwvbpOi6F/rAzudRbjJFbS+o8jBTmcob1aAZUcUfeNToMMN3SHgRl6mnyrbqmc7j48eKeA=
x-amz-request-id: SB6GZ6GJ95BG8YV0
last-modified: Wed, 05 May 2021 12:28:43 GMT
x-amz-version-id: hGr_D3pTlus6Ron3YPdJ9yTXHCo52uOI
etag: "c2c13512498002cecc4b6e7bd5d1be97"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV4fsKPqolTh5i532yQB7ne7Wo3WEl%2BWVxeV%2B3tee0rXhcKeCIPvZ0i6jkmSiz2YJ5eJRzXW2%2FxcsvWX2LI7EfuaZO9dKdaYqNosJnCy0hq%2BviswN9qdG1T64P98VqLHzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f59b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   12650
Md5:    c2c13512498002cecc4b6e7bd5d1be97
Sha1:   69eca78cae5ee4e140ad0786ba2d3880826b047a
Sha256: d77d7e56eb3e0a1c10c6598ddc3fbe3aae571ca01ce698d90d9c7113e43f4807
                                        
                                            GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f6a36795.png HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.3.88
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
content-length: 6352
x-amz-id-2: yNG1HtP92MfEYQgmIpUeGzUzM/sb8W79uZDhsKhkDO90U2LP8jqmSYGyt/WH218Wn70QqfFFOoo=
x-amz-request-id: SB6Y4JXGEFMJP922
last-modified: Wed, 05 May 2021 12:28:44 GMT
x-amz-version-id: lBA1PnNwoEc8KVD9DxWPJYu6BOQkCly3
etag: "fda759418a4a2275690f85b43395537c"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk3Yqd5mgV9pPUYlQ2%2Baocs1PomfaytOUILobMJ53dLLVO%2BV5OTO%2FQMuJ10iCOc4%2F7ua3scIGQ3LGoc3bmJq0QFi7RMo9CXyEIXAf%2BV%2BVn02SAWgzRZPze%2BNTEZh10GdMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f5ab52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size:   6352
Md5:    fda759418a4a2275690f85b43395537c
Sha1:   a0c92823a8f78aab016b093a0798e266ecda1f64
Sha256: 69382d049c1db12654da334c7c836b80d3331f7a833442da7d05eab17806e216
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-K9GXZFM HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 07:33:19 GMT
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2317)
Size:   37738
Md5:    c7f3e1bac9c98e24271a148c859b6535
Sha1:   9c941c763fd4a3cf0207f23eda64fa6ffcb23878
Sha256: 89145fd08b95a5c319c116139b93b592baa91fc2a3f5304754d55621525b58b6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:19 GMT
expires: Tue, 26 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 37500
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size:   33580
Md5:    848cd2ecd011428969dc6b90431bc482
Sha1:   6b1a7b562a56bd54510e0f6f95e26babca331a1b
Sha256: 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4276
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:03 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4276
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BB5)
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3319
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:38:00 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 471

                                        
                                            OPTIONS /v1/devices/widgets?referer=https%3A//seguro.poweroferta.com HTTP/1.1 
Host: api.mercadopago.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.2.144.69
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
content-length: 0
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-request-id: f0bf382f-03dd-4ca0-ac05-3efd7006f955
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v1/device_sessions/web_device HTTP/1.1 
Host: api.mercadopago.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.2.144.69
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
content-length: 0
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: aa9fa67f-566d-4fc3-a717-05f5d2e0b9db
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-81,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: b94903a55c7ae9d1
x-b3-traceid: b94903a55c7ae9d1
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-81: 5pNosscJcyA/g6Z0UOYjArad5E8OwDoTQv42NqDhZ2sUxusVKH/9lQDacXrfEsdF
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:37 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9wM6gZXYomez9zrwOu5u8sLj0iSUvbvOlc6Bvq9adQhxWLOkT9x7jA==
Age: 4242

                                        
                                            GET /ana/ana.min.js?t=1664323200000 HTTP/1.1 
Host: cdn.yampi.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.14.227
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
x-amz-id-2: ltjj2N3u0e5I23d6wZXeX527jCIqgkIqiF15RZjN6hpGlB2fFxL1C98wsStVpGv5WVFi6dixScE=
x-amz-request-id: P8AJQ6PCRBMB1A0B
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 6245
expires: Wed, 27 Sep 2023 07:33:19 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128cea585b0b45-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   79994
Md5:    deb74a4bda9edad6f94841bf04d6dcc3
Sha1:   679dd3a05d6d301b841a6b46cf4169abc0ce1a9c
Sha256: 2dac1e7dbb4b111355add76646f5cd7acbdfeac86e3af2f75083eac09dc5d026
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BB5)
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BC8)
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   2263
Md5:    7b608fe6c21672a63e4799163f3dafc0
Sha1:   8b2ab280d4c02e1adf68414692e0c2e1221a8409
Sha256: db8b0f4a5f61620749926de4f614d99d430626fc6d48332c3cf92c2ceafcc597
                                        
                                            GET /king-assets.yampi.me/dooki/60a66908d1770/60a66908d1775.png HTTP/1.1 
Host: s3.sa-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.95.165.30
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: /1AGoNpRlWT121CEM+1QrWoonuBxkZUN36Vurtc0ytn7vBBQpRqarfQSaM6ts1RAT6ddUTC/fvc=
x-amz-request-id: SNRG4M42HQMHP50C
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Thu, 20 May 2021 13:50:01 GMT
ETag: "37efca6cdf7016a5283d32610c7d7136"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5127


--- Additional Info ---
Magic:  PNG image data, 300 x 90, 8-bit/color RGB, non-interlaced\012- data
Size:   5127
Md5:    37efca6cdf7016a5283d32610c7d7136
Sha1:   08e5eb5c88d6df8fdc5f175dc40084ec2d4e6753
Sha256: 47e4bcfc9ddbe6782376f5fc4ee7bbc0ebe3622ddd92db97b081c885b199478f
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 750
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733196C5D97A990C18CCB16A1
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ea278d02bcce6a7c1c6a2ce19064e7996a409a2180e8868c2aa9d3dc5cad3f5947a4277a9e08ee07cd17ae890862a56ab
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:19 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=4, origin; dur=108
x-origin-response-time: 108,23.36.79.13
x-akamai-request-id: 61c44346
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 771
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733192F52607DD57104C8B5AA
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eee4eb77576bbf709b14aed2bbcc1e9fec12471740fe85948d8e66ab604510e60c13c03f91eb2829eb04e77e3e5e74f08
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=10, origin; dur=111
x-origin-response-time: 111,23.36.79.13
x-akamai-request-id: 61c443a0
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 776
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733197AD52F7DF96E27D085CE
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e1b2ad9e28e8d0345b876ee7123314ef1ed6be8237f25e611c5a6bd9c6ce8c3b0551d0f10066168e90bc3d0e39fe6ed4a
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=8, origin; dur=108
x-origin-response-time: 108,23.36.79.13
x-akamai-request-id: 61c443cc
X-Firefox-Spdy: h2

                                        
                                            POST /e/t HTTP/1.1 
Host: seguro.poweroferta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjcxZWQwZDI5NzZlOWIzYWUiLCJ0ciI6ImQ0M2U2MTcwMjI3MzMwNmM0ZjVjMzk0ODc2NDliOTE3IiwidGkiOjE2NjQyNjM5OTcxMDJ9fQ==
traceparent: 00-d43e61702273306c4f5c39487649b917-71ed0d2976e9b3ae-01
tracestate: 2935249@nr=0-1-2935249-1134170823-71ed0d2976e9b3ae----1664263997102
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlJBcXVWVktkUmJBdm56VG5Hd05ZUUE9PSIsInZhbHVlIjoiVGFFbjFMXC9aV0tDUVJJdllEeGljWktPeEVVbWRma0xJaUVBUjFhNVJtOWVmSGFjY1BoMjdOMEw3SmpCRkg1MElKek4yUFZvSkRlTEhBR2lcL0JcL3VXdlE9PSIsIm1hYyI6ImIyYTI0YzdlOTRlNTgyN2VmNGU3MjFkYzJjMzA5NzJmZGNlZGY2OTE1MjFjYzBiOGJhMWMzY2QwYmIyZDVlNGYifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IjloTjFDOCs1MHFJM01VUmhCeVwvUmVRPT0iLCJ2YWx1ZSI6IlhuczVMN1prSE5sZUVJejRTVWdJaUg1eFF3OW4xZG4zZGNQbkpiQVBXdUNnVUkrc1c0XC92XC9XN29EU0xNcmxNeHpFdTBjV1BjRWo5NTZFa20rXC9pV1d3PT0iLCJtYWMiOiI4YTIzMDZlNTQ0YWZhNmNkNjUxZDhkY2IwMjdiYzJjNzkwNGVmOGFjYzQ2YmUyZmI5YmZkOWFiMTU0MDk3M2FjIn0%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRDwsNHh5UFUMGBFZTXQBTAlcCDQUFXFgDFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 753
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733195EF738149E21C4D08216
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5599e93bb302ee5fd2c2ef3cde1a86201e3b3d6435b8e128352cefd6d052c427f4f708c5d33d7bc1d2c884eb3413e9d0caca68aeefe6b0da21cf9cb6e8f43cd11
x-origin-response-time: 129,23.218.223.5
x-akamai-request-id: 8c073980.61c44373
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_MISS from a23-218-223-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=129, inner; dur=120
x-parent-response-time: 238,23.36.79.13
X-Firefox-Spdy: h2

                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 119245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   158248
Md5:    db1b5789e9915e9c82f5df92e5982980
Sha1:   2e193e502995501c85f45fd89d9f83707a7f9573
Sha256: db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1635
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Tue, 27 Sep 2022 07:06:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 06:41:09 GMT
expires: Tue, 27 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 3131
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /jms/lgz/background/etid HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 0
date: Tue, 27 Sep 2022 07:33:20 GMT
server: Tengine
set-cookie: _d2id=cbec395f-3e85-461f-a2c5-0658c62f64cf-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:20 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: a5494527-e5d1-4479-9367-8c1c04c0ec8d-1664264000236
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 3
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-request-device-id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-d2id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: auHdWFay-Oq8UOJXlCvc3ynNaXaYGIDIkeF4Uya3_zJxR4j1y-8BnA==
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LXIn+4Q9FT6kffLCnZ8LHY5TezvJTRkK9PhdlnZjOAUfvbmUpb+6F1OuMHSKaiU1GRFBKzUpkWEDjyo2wsfVaA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 07:33:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            GET /jms/lgz/background/etid HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 0
date: Tue, 27 Sep 2022 07:33:20 GMT
server: Tengine
set-cookie: _d2id=23ca88e2-02e0-48b4-819b-5c56a622252e-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:20 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: 52947e23-0c8c-4499-86b3-93840aefdfae-1664264000263
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-request-device-id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-d2id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jTbc_-P5_1PaUdhHxFsY-93YNs5-AbxGX5a2JlqyI9um28bw4RmaFA==
X-Firefox-Spdy: h2

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 07:33:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1844807421%3A1664264000309886&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWp0Bl01xEpWwk-7joBP6Cxt0fVoNJLd0Lyazm-hr1MaIkPxydYT76DyTW4fEt2brjgWTxQCyQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-fYpfwBA1fkj9WRWVqQfGkg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:619wdds11r74sCPPayzbo6fKrHT4xA:TPXZjuOleAB5Y4Jc;Path=/;Expires=Thu, 26-Sep-2024 07:33:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Size:   395
Md5:    51b75cefb9d80bb9f60cc67eddaafbb3
Sha1:   ab45ba34cf35b3c79d25ecef416007035fd3e47e
Sha256: b30eb9562b4291af2e790ada2dc1e649ff302ab26c0f2c3235863bd2f123e5de
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5680
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Tue, 27 Sep 2022 05:58:40 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:33:30 GMT
expires: Mon, 25 Sep 2023 08:33:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 169190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (52762), with no line terminators
Size:   24251
Md5:    f2d649025c814be9c33f166a5e04fe88
Sha1:   26bf59de631415927ba2c6c9e44fe9c763f95313
Sha256: f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 119245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   158248
Md5:    db1b5789e9915e9c82f5df92e5982980
Sha1:   2e193e502995501c85f45fd89d9f83707a7f9573
Sha256: db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&gjid=533826231&_gid=1381695759.1664263998&_u=IEBAAEASAAAAAC~&z=9491708 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.162.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://seguro.poweroferta.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=1315918230.1664263998&jid=20689431&gjid=673726524&_gid=1381695759.1664263998&_u=IEHAAEATAAAAAC~&z=738549486 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         64.233.162.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://seguro.poweroferta.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&_u=IEBAAEASAAAAAC~&z=80327595 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /king-assets.yampi.me/dooki/60a660c65135b/60a660c651361.png HTTP/1.1 
Host: s3.sa-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.95.165.30
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 745YvUSD4lAHEPztP9qBaKEqtR9vya7bayhNaQVj0AZ3Qe9g7ee7zA9pjzzUTWJXumPg9iu3z4g=
x-amz-request-id: MZPPSHJ7BN0MSTSH
Date: Tue, 27 Sep 2022 07:33:21 GMT
Last-Modified: Thu, 20 May 2021 13:14:47 GMT
ETag: "2b292d04d7ad57117f11085fd1121dd3"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 19789


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   19789
Md5:    2b292d04d7ad57117f11085fd1121dd3
Sha1:   5b1be3e2a260486d3f64c3639214a9eab5cecb31
Sha256: b78d237d9d4713c0be5d036d2ef75aa5e40f291336be2315ae272d5ddc0666ad
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tr/?id=640111826659765&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999041&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   171746
Md5:    5a4efaa0054ce59fe80cc9f7e7c9effa
Sha1:   6cf071ebcebe1dc4dcf8e2a5ffa7b65ccdd855c4
Sha256: c610cef9658321a48eb1d5b17829e17d3ffeb1e2e0de7fb47d2912509a0994dd
                                        
                                            GET /tr/?id=280392987126699&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999052&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_4agza5soa&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=275456640976387&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999051&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_khjssd844&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=280392987126699&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999047&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=275456640976387&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999043&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=640111826659765&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999049&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_nx4txb9r3&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 07:33:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3122
x-timer: S1664264001.237552,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2193
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:21 GMT
Last-Modified: Tue, 27 Sep 2022 06:56:48 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Tue, 27 Sep 2022 07:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75128cfbfd54b521-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=ba3dd2a8cbb5f780; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6630&ck=1&ref=https://seguro.poweroferta.com/checkout/address HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1026
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Sep 2022 07:33:22 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 75128cfdf860b521-OSL
Access-Control-Allow-Origin: https://seguro.poweroferta.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1 
Host: api.mercadopago.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.2.144.69
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:33:22 GMT
content-length: 0
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 06e189b3-d79d-4a47-b5b9-8c2c92b173ef
x-trace-digest-40: XBj/DTvT8DvVjv4C83vNUvpIeE8LK9dO9LckxUckknJLC4sXOoGUqQ2IauFkL18W
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: fcec10ebf2c69062
x-b3-traceid: fcec10ebf2c69062
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /v1/device_sessions/anonymous_device_session HTTP/1.1 
Host: api.mercadopago.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 98
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.2.144.69
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:33:23 GMT
content-length: 337
access-control-allow-origin: https://seguro.poweroferta.com
x-request-id: a3e6556c-5b38-460e-ba27-5207d39b8f08
x-trace-digest-40: SpSBAF2shpqR1R3CItZqgGIU+j1UgLgyzKxeJpXCziNxVKAX6jjecWKdr7WOXKHq
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 9d40564d3bc3adad
x-b3-traceid: 9d40564d3bc3adad
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (337), with no line terminators
Size:   337
Md5:    4cb0d12ce0f9fe7437e86df0059b2b7c
Sha1:   5794908d29d7ebf74b9f98826a5a80400c728f55
Sha256: d6fb3d692e32caecb4c63b1347a1f73b2f23cadeb277ce6d5cd715108e748960
                                        
                                            GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 07:33:18 GMT
date: Tue, 27 Sep 2022 07:33:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fa/4.7.0/fa.css HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.1.53
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 612
expires: Wed, 05 Oct 2022 07:33:18 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce6ed0b0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /s/files/1/0509/6738/0146/products/2Qr5qIBQjE6N2jF6pJT2EsZgJmuoHP-min_250x250.jpg HTTP/1.1 
Host: cdn.shopify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.255.71
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=30
server-timing: imagery;dur=15.762, imageryFetch;dur=15.477
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: b8bd88fc-0f34-407f-bfd8-a53800d3c150
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucJ7Ny%2FP55ri17M6ftmbJlY1hHRFlMyTwJ0oO3u3TteF816xCCZ6aUUjPDow01AeMWLuH23hFcb70NdB09GN6%2Bin4klhwTBJSvHfrJBl1FpdQNNj0TaeqPXWRePm08hI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75128ce72862b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /v1/devices/widgets?referer=https%3A//seguro.poweroferta.com HTTP/1.1 
Host: api.mercadopago.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.2.144.69
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: public_get_session_widget
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-credentials: true
set-cookie: profile=1664263999494;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
content-encoding: gzip
x-content-type-options: nosniff
x-request-id: 179309ae-51f2-4e59-be32-be0b9582ed4f
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
set-cookie: _d2id=c0f86630-4b1c-434b-b10f-2420aebb8122-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-request-device-id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-d2id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z7bD9U-CReGMq1DdnvOgoVHSTytAeF5QHE-ag1E5SQOsEdFJwG3v1Q==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=0fe2602b-9adb-44d9-8671-9199ae3a4a59-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-request-device-id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-d2id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u6mRKttMRWclId4G18222WUO2yhuekz0_3XaAVMSdo-8hAdFcbT0ew==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jms/lgz/background/jsuuid?current=59707a3a-43b9-43ff-b618-e29cb3e1c08f-1664264001774 HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=e321783b-e7d1-4ff8-a83f-ae787fcd8ed5-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
access-control-allow-origin: *
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-request-device-id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-d2id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9DwwBtOM6zQBstwGzVMtLjDbM6fcyk7fTsi9tTnj4mUIFPGuTEKWVg==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.3.88
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
x-amz-id-2: kiKMcAr44hCS/h/HVY248HvVsZ8c++jxSbplSUA+eauwmt5HsWg8UBb9Ul0Y6kT3rAvxJVfXLU0=
x-amz-request-id: CY4BWHFC5C676757
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: dI9F0vCOZifuvcVSKZO43mZnYXF0Vwno
etag: W/"20baf997b7e31a089f0a9544550cf45a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTWxi4c6tOHzh%2F2z%2Bm9RNVpMD4YgCdOZMxcA%2FSw4uIdpaUU5j0vxd7eB4qMgQ0Hict1BrSMhsO0p0CUrPR1OXrZhzWbGvn6oxR0ItiULWAStufJRq3PrsKWi4Oa2B%2ByxkHZWPT9UfP7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f55b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /e/t HTTP/1.1 
Host: seguro.poweroferta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjEwZTg0YTNjMWI0MjMyMGIiLCJ0ciI6ImIzY2M2MzE5YzRmYzNmYmMxOWQ0ZmRlODQ0OTA1MjU0IiwidGkiOjE2NjQyNjM5OTcxMDR9fQ==
traceparent: 00-b3cc6319c4fc3fbc19d4fde844905254-10e84a3c1b42320b-01
tracestate: 2935249@nr=0-1-2935249-1134170823-10e84a3c1b42320b----1664263997104
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 357
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlBGVkprZ1gwZHFwMmdybHFEN3piTlE9PSIsInZhbHVlIjoiNFwvYkpkQnNOQXVkcDFoa3llME9pajhhTnhxdVhaMmtrRFVLd1BcLzQ1TnpFek9Cd3ZvTEk2NHhobGRjWW1Ia2o3NVRndUJsYkg4dG9PRW1LXC82NEVtYlE9PSIsIm1hYyI6ImI4MjI2MmM3ZTIzNTJkMjY5YzcyNzFlNGMwYzAxMmU1ZjAwZDBmMzhhNmU3MDMxOTdmOTYxYWE2ZGZhODZmMDMifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IlFMMnZlQitXVHdcL3VwXC8wNzBOaHNrUT09IiwidmFsdWUiOiJyZW5uZTVFVnNnandtZDNOTVpDejdsV1BJRjBcL3Y3Y2s1ekltUFwvN3plUFR1bHBIZ1JKMXgyWm9oenZyWFwvcHN4Vm5rQWJvV2ZyeTlPelc1ZHFvXC9BeXc9PSIsIm1hYyI6IjZmYmUxZTRlMTRlMWExOTkzYmFhNWEzZTQ1ZTNhMWRmMzNiZjM2MTFhZWE2NDQwMDI5NTc0NzllMWUwNDI2MTQifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRAAkMHh5UFUMFWQEHUg4FWQVUDFIDXFVXFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cart/recomm HTTP/1.1 
Host: seguro.poweroferta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImVkM2I0ZDExNWYwZTA1YmMiLCJ0ciI6ImY4YzhlYjRiZjRkYjY1ODhhN2M0NTI2MWYwMjM3NDhjIiwidGkiOjE2NjQyNjM5OTcwOTV9fQ==
traceparent: 00-f8c8eb4bf4db6588a7c45261f023748c-ed3b4d115f0e05bc-01
tracestate: 2935249@nr=0-1-2935249-1134170823-ed3b4d115f0e05bc----1664263997095
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         170.82.173.30
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6InB5QnFYUU1QblFPMzlMdHZxZUNQaGc9PSIsInZhbHVlIjoiSVFXbk5SQW5jaG1aazJDc1B2QU9IOFdCZTJDOTZQalFEUWxGeGhCSWROQ3lWN0F0OG9vN01VaWVWTjlQSm1ORlwvQlhhSjk5QThoVE1UUTNkTFdyd1JBPT0iLCJtYWMiOiI0MWJhYzdjYzAxM2QzYjJlMzk1MTM1NzUzZjI3NGJmM2NhYzE2YTNmYTAxNTIxZTgzMjg2YjMzZTYxYThlZTMxIn0%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IlNlbVZhVnlDcDRzd1hQXC9xSmJSekx3PT0iLCJ2YWx1ZSI6IkdkdFUwSmpDUWRcL28yZFFtZ09lUE9QbmVYWE1hS1lwOUQxWjNVRGJKK2pDMCt5aUl0bHpETGVhVkQxb3c2cUFEU1BCemFoRE5Id25cL1JjbXdab1d3MEE9PSIsIm1hYyI6IjM5ODY5ZGRjOGI3MTY5NDk1Nzg5NTQ5NzY5MWM0Nzc3NWI3N2UzNzJjNGVjN2U2MTRhMWVhYjc3MTM1ZDAyMWIifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAYFBVIVTABNEQddVAZXUFsIAQhcU1EGCVJESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 27 Sep 2022 07:33:23 GMT
server: Tengine
set-cookie: _d2id=bbdf726c-7e46-4ac6-a267-d2e0eb781598-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:23 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-request-device-id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-d2id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 19o_GWMceBvt0RmxV4ZYIiWSEHhRNnCIdcfwl3VTept-qBWuqrSCmQ==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.3.88
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
x-amz-id-2: OyOibZMfkkwB05gPZjuAsZeVUSb0Qjq+xaaRsKOG1t3dnzjziub4AwhX7Cp9nuLlFVGUfHwL6zY=
x-amz-request-id: CY4EYD17YF0TDT82
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: sk8GhqbtozvgmZdvBhWo.6c8nigPYGNS
etag: W/"c1cb1b608993e42920393f83d30bc32b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYY9eSbEL4Z9fhJ5l%2FmXitadyChSONYY%2BQvv%2BPDIKVezCg2floQ8LoeiyXaggiAkfkLlo6SFnOwPS1iFo8ieJ0trglzL4AweECwkgRvLL0gwT%2BQcx3pALjpDpiNRPuwXjPiIuZxk0yDC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce65f23b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v2/security.js HTTP/1.1 
Host: www.mercadopago.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
set-cookie: _d2id=c47e9523-6df1-4f09-b0b5-9fadfcc835d2-n; Path=/; Domain=.mercadopago.com; Expires=Wed, 27 Sep 2023 07:33:18 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-request-device-id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-d2id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yySYUlv4D2VUjlKa86mER_ockUqQ2Z49JRSUcjAWVw7VuwmlZzau3g==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /v1/device_sessions/web_device HTTP/1.1 
Host: api.mercadopago.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.2.144.69
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 07:33:19 GMT
access-control-allow-origin: https://seguro.poweroferta.com
x-request-id: d457d3c4-0b0d-4afa-a915-ccc6f51f351b
x-trace-digest-40: CN1QDKRFaFnNZ8S/TC/SBqiFx1sGiIq+UfQU2jyXwjHE+FpnbqTdwQL+A8VXKyXz
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 038ba3b06eabdcff
x-b3-traceid: 038ba3b06eabdcff
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1664263999504;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jms/mlb/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjUyOTQ3ZTIzLTBjOGMtNDQ5OS04NmIzLTkzODQwYWVmZGZhZS0xNjY0MjY0MDAwMjYzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMxLCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NCwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1NiwiaGFzaCI6MjAzLCJ0b3RhbCI6MjAzfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1 
Host: www.mercadolivre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.53
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
set-cookie: _d2id=35f51f63-4121-4a76-8084-50c869e85b3c-n; Path=/; Domain=.mercadolivre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-request-device-id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-d2id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WTeGyFu5Js12jdFbE8OIw31olnuzBzQC7pD7sRujBT4CE5uZdZd0uA==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/address HTTP/1.1 
Host: seguro.poweroferta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InR3VzlsRHNDcTVWdlY1QzRnNXJvZEE9PSIsInZhbHVlIjoia242cVI0aktzSjVCd05MaHpkNXoyd0E3U0c3S0k1dTBLMmhIRjhSeHBVcWNIcDZ1TnN0dHU1QWNWd2lQeTBSNll0RUlkRDB6VXJkeEJLTklvUHNRV3c9PSIsIm1hYyI6ImRjMjIwMTRlNzMwYWZhYTNiMTZlOTQ4ZjkzMzc2OTAzMzc3ODFhMDRhODUxYmEwNTNlZWY2NmE1OGYwOGFmOTcifQ%3D%3D; bubbstore_checkout=eyJpdiI6Ikw4R2toNVwvVXFwS0xubEdSTzJNOFFnPT0iLCJ2YWx1ZSI6ImxaQ3J6VTVHNUV0ZVJWWmlBdFpSVVBLcnRXaEh3NkZSeEhDR0EzK2hcL3hncnFYS2R4NHhQWDdUQ1hxYzJ1aGh5Szd1eSs3OUpHdmRad2RWNENmenVHdz09IiwibWFjIjoiMjA1ZGZmZjk1YWFlOGU0NzEyNzMwOTM4NDU0MjA0NGQwMzhlZWRkYTE1Zjk3MmEyNmQ2OTM4MDY2ODY1NjUxYyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 27 Sep 2022 07:33:18 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; expires=Tue, 27-Sep-2022 10:33:17 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; expires=Tue, 27-Sep-2022 10:33:17 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jms/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=a4e60fb6-85d3-4c9f-aad3-098eda39ccaf-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT dsid=1284de78-e194-406f-8574-0a9a093c6c43-1664264001772;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure edsid=0f799bde-dd39-4ccc-b62c-0ca5baeb4afa-1664264001772;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 10
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-request-device-id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-d2id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2VEI6lfY1lsN2St6SwEcCjtFzx-zlOtiStCGwkszEIkimOJFwFnoLA==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=C5ORU1TODNNK397VN700&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20220927073319F6A6A93466948EC88F09
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b54076bbcbc3ea4a0a9b6a20a6c108d96e78cdbebcc0fe81ca5f4179e1a56fe7ab486b3c31347cc1ef0428335df8280aea389f0cc63fce3257bb98ddbc72601655
content-encoding: gzip
x-origin-response-time: 8,23.218.223.21
x-akamai-request-id: 86f8c0.61c43c65
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:19 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-21.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=8, inner; dur=4
x-parent-response-time: 109,23.36.79.13
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b HTTP/1.1 
Host: www.mercadolibre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.42
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=788f17df-e1a1-4cf9-9d34-9546bf480134-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-request-device-id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-d2id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LYcqlFGlbF5SktgN0FCDu3ihuBmfIqmbpdKrkgxJpqw4DE-wINV10Q==
X-Firefox-Spdy: h2


--- Additional Info ---