| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd2560f62890e75b8de444fed96c22f52 334ce0c48e606ee029f31eeb1463af87b1024bb9 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7181
Expires: Tue, 27 Sep 2022 09:32:56 GMT
Date: Tue, 27 Sep 2022 07:33:15 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash1b3053fa528e28810f8a2cc9284cc921 cca9eb471d941881a6b9a1793aecb6c281908f6a a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 06:44:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F3bCxSbUx9l82_-ez4KMYFvvq1tXHCrNSrLcVcYBylT-_sh4y3dNbQ==
Age: 2939
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1017811d25642601e984edc1676d118d c177c4f7a897584bf91347fa4990c83d6bfd0321 f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13739
Expires: Tue, 27 Sep 2022 11:22:14 GMT
Date: Tue, 27 Sep 2022 07:33:15 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Hu5WjRU59wnPcMa7onFtGD0y69V2uhVBV1S1hfXCd2kzJaCPAnxCux4WJRs0fFSom/W0rvD4O5A=
x-amz-request-id: 0ZJF6X5APRBE2ZKR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 06:46:43 GMT
age: 2792
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 | 170.82.173.30 | 301 Moved Permanently | 134 B |
URL HTTP/1.1seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 IP170.82.173.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 07:33:15 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.poweroferta.com:443/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078
X-GoCache-CacheStatus: BYPASS
Server: gocache
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 07:33:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 07:10:46 GMT
Expires: Tue, 27 Sep 2022 07:38:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HvhO7oOp__lYQba23V0vwrIv-6bihh1KgyPVGItmERX_VtB6v0ircQ==
Age: 1350
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc3f1da5d56f40c334aa1714729e9daa7 7b7a254334bd34fc88140614c8963a686073ca59 a17a3ef70990b0b58bc5600096d81b3593a246a821f869db3d52d9a3949553ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A17A3EF70990B0B58BC5600096D81B3593A246A821F869DB3D52D9A3949553FF"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Tue, 27 Sep 2022 13:32:41 GMT
Date: Tue, 27 Sep 2022 07:33:16 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5adb7eb1d103eadeeafac36e663ffdd3 23b784388dd634fa736cd60aed71570661e73d02 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2700
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:16 GMT
Last-Modified: Tue, 27 Sep 2022 06:48:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.41.98.34 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.41.98.34:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /V5EFyFMb8WQ9tUQPyYjwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UaOkWqp4vZ0Jy2tJNQ9Gt9qJ0TA=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive
|
|
| seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 | 170.82.173.30 | 302 Found | 23 kB |
URL HTTP/2seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 IP170.82.173.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hashbbee5fb0c7508549b69c69d4584edeff c993f26e76b99198249b562316f1f1a3446a2aa3 a34e2d806ed5e31b2967ec23ad371cdeef4263dd9df4e9b79a250379b50f594e
GET /checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 27 Sep 2022 07:33:16 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.poweroferta.com/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InR3VzlsRHNDcTVWdlY1QzRnNXJvZEE9PSIsInZhbHVlIjoia242cVI0aktzSjVCd05MaHpkNXoyd0E3U0c3S0k1dTBLMmhIRjhSeHBVcWNIcDZ1TnN0dHU1QWNWd2lQeTBSNll0RUlkRDB6VXJkeEJLTklvUHNRV3c9PSIsIm1hYyI6ImRjMjIwMTRlNzMwYWZhYTNiMTZlOTQ4ZjkzMzc2OTAzMzc3ODFhMDRhODUxYmEwNTNlZWY2NmE1OGYwOGFmOTcifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:16 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ikw4R2toNVwvVXFwS0xubEdSTzJNOFFnPT0iLCJ2YWx1ZSI6ImxaQ3J6VTVHNUV0ZVJWWmlBdFpSVVBLcnRXaEh3NkZSeEhDR0EzK2hcL3hncnFYS2R4NHhQWDdUQ1hxYzJ1aGh5Szd1eSs3OUpHdmRad2RWNENmenVHdz09IiwibWFjIjoiMjA1ZGZmZjk1YWFlOGU0NzEyNzMwOTM4NDU0MjA0NGQwMzhlZWRkYTE1Zjk3MmEyNmQ2OTM4MDY2ODY1NjUxYyJ9; expires=Tue, 27-Sep-2022 10:33:16 GMT; Max-Age=10800; path=/; httponly
loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D; expires=Sun, 02-Oct-2022 07:33:16 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash46e31aa06b8e86a9a5f9ba1cc3feca08 75df3341e30281fcbf78c7074980356fdf0be8e2 d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 35039
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8ef8d9284ebd57a7cf76ceb762291356 2b53c4f836970501a682dae07235215c487d35cc 3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 34201
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash56c3768b851e6a5206cbfbe3f5a97cae 2a2fabd9f9792daf9c058fc754d5616267b703f1 668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10864
x-amzn-requestid: a6be937a-3e8f-4dad-bbca-f28554f5ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioQqFHsoAMFxXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420d0-78fecb9e2f76416044839a35;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:08:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: l-svEjPVAfeYvCQAHsARjTk9PNdkVGUJA_2415312kWF2x6MDI7o7A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:17:07 GMT
age: 65770
etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfa70ece15044b7318cb11ae5e37a64e7 04a0665f771562c3e56ac3542abe5bd3c4c1a6b5 8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 65086
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdeb8d1e3b6d7fbc8c8ba478269621676 84f5a4c8b38acde814bc790e5b514347718d5bb9 ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 35039
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| secure.mlstatic.com/sdk/javascript/v1/mercadopago.js | 23.36.79.33 | 200 OK | 9.1 kB |
URL HTTP/1.1secure.mlstatic.com/sdk/javascript/v1/mercadopago.js IP23.36.79.33:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with very long lines (25829), with no line terminators Hash13e3cc8ff400bf1da09ba98065151e4a 05da8917634372f71cd2f851e42129fecfb2f45f 9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36
GET /sdk/javascript/v1/mercadopago.js HTTP/1.1
Host: secure.mlstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "825262-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: d2e52704-7958-472c-b559-cac792b41f98
X-Request-Device-Id: d2e52704-7958-472c-b559-cac792b41f98
X-D2id: d2e52704-7958-472c-b559-cac792b41f98
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5b7b66f5886a12421c3f3970bbf49d5a 13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8 3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashbfc8c650e23854f708a3dd54fca4393f b54c061cf5a5306a68112d403471914e839a68c8 84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashe4501845855e455a3e5006181018bc85 12fd7ddb62602464d02cdbb272135b5e4126e619 3c3dc6ec45037e00f095d4e655d92a679c9c66c1f54f13a1c00d8983f9366fd4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Server: ECS (amb/6BB5)
Content-Length: 280
|
|
| ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ | 142.250.74.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ IP142.250.74.3:0
Hash3fe0ad4a6620f4e2fe6f5ff4209ad082 8ae7af61e1a4635898477449dee893c900c7acc1 fe85c3ad96b99ff6320f0b4f438c394e2699dac7f972664150299c824338b4f1
POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashb851dbca60b0b9a4b1e8e9b6f29a6936 116ac4fa33d24267ac90741194cac6a474c6ab26 0e8d8ccd1dbd8d54d9f62c00a4359957de5956a6aa7ed4b19c6d7ba6da2f4625
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2759
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Last-Modified: Tue, 27 Sep 2022 06:47:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC | 142.250.74.164 | 200 OK | 585 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC IP142.250.74.164:0
File typeASCII text, with very long lines (884), with no line terminators Hash7d84c4456027d3c2e042f55c624444cb ae1299213270a14574bac01f8f91d29a4c9ffd7c 5ac486ab075825fc510d276894e2a289866e243bbb1efe2f5246c710f307aae4
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 27 Sep 2022 07:33:18 GMT
date: Tue, 27 Sep 2022 07:33:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| js.upnid.com/v0.js | 130.211.14.112 | 200 OK | 8.3 kB |
IP130.211.14.112:0
File typeUnicode text, UTF-8 text, with very long lines (23050) Hash49fa980f95bb3bbff8b7a2857a727d5d 9e931943f03079522318820948018d78610eaca4 4e295d58275798f67bf7b9c48b8cae16238c9a3dabca082238e7bab8eaa34943
GET /v0.js HTTP/1.1
Host: js.upnid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin
content-encoding: br
via: 1.1 google
content-length: 8310
date: Tue, 27 Sep 2022 07:25:29 GMT
age: 469
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash58b1426c9f85f6f1d0a180ae5983fceb 7d49e932f5bbf2bbe6211b3212560eacfc004656 dc92b3fdcd34f33b5a7c901593be6a677c01d38a9a76d63b5b012863ba2344db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC92B3FDCD34F33B5A7C901593BE6A677C01D38A9A76D63B5B012863BA2344DB"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13674
Expires: Tue, 27 Sep 2022 11:21:12 GMT
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3c46552685e56412345bec820f7b7238 61bb753560bbbba0e27c8d728df191c9b62bad4a a890e707f4746677b24f6151756878e90c37fdaaec51c81d32f775fff9ddd81b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Server: ECS (amb/6BB5)
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashbfc8c650e23854f708a3dd54fca4393f b54c061cf5a5306a68112d403471914e839a68c8 84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ | 142.250.74.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ IP142.250.74.3:0
Hash3fe0ad4a6620f4e2fe6f5ff4209ad082 8ae7af61e1a4635898477449dee893c900c7acc1 fe85c3ad96b99ff6320f0b4f438c394e2699dac7f972664150299c824338b4f1
POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4538701cf9bc34d908f50370beb922f4 df141b9c3ec626ecaba7c1899073a48b811c4113 61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f5d289b8.png | 104.26.3.88 | 200 OK | 9.7 kB |
URL HTTP/2images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f5d289b8.png IP104.26.3.88:0
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Hashff0f08e495143eaeead6e6a41b6f760b c41983416e217ae3a2cb70578d2e6dfd0299a3ad dae3f404cc48f14d6a383843f2f9b7feb1cac287453ef167a0e30b684494ee91
GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f5d289b8.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: image/png
content-length: 9665
x-amz-id-2: bYYK0NFZ5dNm+0hOiRtWVm56DXbyOJsUswzTjFDPLu2WxLaMGJp2JwJ1UIDCvJUEnFB+Jy8cLE0=
x-amz-request-id: SB6T4EV0GERXNBSW
last-modified: Wed, 05 May 2021 12:28:44 GMT
x-amz-version-id: 9qEFXlq0ADyMSYF5gYLucNhB_XBEjUOM
etag: "ff0f08e495143eaeead6e6a41b6f760b"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8BlvZQgoh4Hsfu78yrgy2dVUFpc5%2B6jgXcIgE2KOL8FtN6g3RYODFMLrHQkp%2Bz%2BKdmFB5v%2B4ySFC2cEEBZ4L6oZkc0rlTY3nHdgNP9GWzJWwzUdO%2FoADbLn7O2rDcb0sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f58b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash58b1426c9f85f6f1d0a180ae5983fceb 7d49e932f5bbf2bbe6211b3212560eacfc004656 dc92b3fdcd34f33b5a7c901593be6a677c01d38a9a76d63b5b012863ba2344db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC92B3FDCD34F33B5A7C901593BE6A677C01D38A9A76D63B5B012863BA2344DB"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13674
Expires: Tue, 27 Sep 2022 11:21:12 GMT
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive
|
|
| images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f416bb0a.png | 104.26.3.88 | 200 OK | 13 kB |
URL HTTP/2images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f416bb0a.png IP104.26.3.88:0
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Hashc2c13512498002cecc4b6e7bd5d1be97 69eca78cae5ee4e140ad0786ba2d3880826b047a d77d7e56eb3e0a1c10c6598ddc3fbe3aae571ca01ce698d90d9c7113e43f4807
GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f416bb0a.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: image/png
content-length: 12650
x-amz-id-2: jidSwKwvbpOi6F/rAzudRbjJFbS+o8jBTmcob1aAZUcUfeNToMMN3SHgRl6mnyrbqmc7j48eKeA=
x-amz-request-id: SB6GZ6GJ95BG8YV0
last-modified: Wed, 05 May 2021 12:28:43 GMT
x-amz-version-id: hGr_D3pTlus6Ron3YPdJ9yTXHCo52uOI
etag: "c2c13512498002cecc4b6e7bd5d1be97"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV4fsKPqolTh5i532yQB7ne7Wo3WEl%2BWVxeV%2B3tee0rXhcKeCIPvZ0i6jkmSiz2YJ5eJRzXW2%2FxcsvWX2LI7EfuaZO9dKdaYqNosJnCy0hq%2BviswN9qdG1T64P98VqLHzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f59b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f6a36795.png | 104.26.3.88 | 200 OK | 6.4 kB |
URL HTTP/2images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f6a36795.png IP104.26.3.88:0
File typePNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data Hashfda759418a4a2275690f85b43395537c a0c92823a8f78aab016b093a0798e266ecda1f64 69382d049c1db12654da334c7c836b80d3331f7a833442da7d05eab17806e216
GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f6a36795.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: image/png
content-length: 6352
x-amz-id-2: yNG1HtP92MfEYQgmIpUeGzUzM/sb8W79uZDhsKhkDO90U2LP8jqmSYGyt/WH218Wn70QqfFFOoo=
x-amz-request-id: SB6Y4JXGEFMJP922
last-modified: Wed, 05 May 2021 12:28:44 GMT
x-amz-version-id: lBA1PnNwoEc8KVD9DxWPJYu6BOQkCly3
etag: "fda759418a4a2275690f85b43395537c"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk3Yqd5mgV9pPUYlQ2%2Baocs1PomfaytOUILobMJ53dLLVO%2BV5OTO%2FQMuJ10iCOc4%2F7ua3scIGQ3LGoc3bmJq0QFi7RMo9CXyEIXAf%2BV%2BVn02SAWgzRZPze%2BNTEZh10GdMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f5ab52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc939f97c8bcbfea356e92036803714bc 608c795e7c4fb943a4db49a4e4533c41ea717023 b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-K9GXZFM | 142.250.74.72 | 200 OK | 38 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-K9GXZFM IP142.250.74.72:0
File typeASCII text, with very long lines (2317) Hashc7f3e1bac9c98e24271a148c859b6535 9c941c763fd4a3cf0207f23eda64fa6ffcb23878 89145fd08b95a5c319c116139b93b592baa91fc2a3f5304754d55621525b58b6
GET /gtm.js?id=GTM-K9GXZFM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 07:33:19 GMT
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash737756d717fd215d94458a21028ae486 ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f 8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 | 142.250.74.163 | 200 OK | 34 kB |
URL HTTP/2fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data Hash848cd2ecd011428969dc6b90431bc482 6b1a7b562a56bd54510e0f6f95e26babca331a1b 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:19 GMT
expires: Tue, 26 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 37500
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc939f97c8bcbfea356e92036803714bc 608c795e7c4fb943a4db49a4e4533c41ea717023 b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash737756d717fd215d94458a21028ae486 ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f 8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9cd17fdb519b3b2626a025dcfda2aa34 ca1dd7c4986fe9a9b9de8249b828182a00b521d7 8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4276
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:03 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9cd17fdb519b3b2626a025dcfda2aa34 ca1dd7c4986fe9a9b9de8249b828182a00b521d7 8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4276
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9cd17fdb519b3b2626a025dcfda2aa34 ca1dd7c4986fe9a9b9de8249b828182a00b521d7 8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BB5)
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9cd17fdb519b3b2626a025dcfda2aa34 ca1dd7c4986fe9a9b9de8249b828182a00b521d7 8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3319
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:38:00 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 471
|
|
| api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com | 52.2.144.69 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com IP52.2.144.69:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/devices/widgets?referer=https%3A//seguro.poweroferta.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json
content-length: 0
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-request-id: f0bf382f-03dd-4ca0-ac05-3efd7006f955
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/device_sessions/web_device | 52.2.144.69 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/device_sessions/web_device IP52.2.144.69:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: aa9fa67f-566d-4fc3-a717-05f5d2e0b9db
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-81,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: b94903a55c7ae9d1
x-b3-traceid: b94903a55c7ae9d1
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-81: 5pNosscJcyA/g6Z0UOYjArad5E8OwDoTQv42NqDhZ2sUxusVKH/9lQDacXrfEsdF
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hashc157622abc2881860117a5c511cfd089 4df9c12db30a07cbe0fc2e017ee68f6013eceb67 12f19814e22ece52c6e8f3bd2010d30bd7465b990c9200ab05ac22dc292a1a4b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:37 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9wM6gZXYomez9zrwOu5u8sLj0iSUvbvOlc6Bvq9adQhxWLOkT9x7jA==
Age: 4242
|
|
| cdn.yampi.io/ana/ana.min.js?t=1664323200000 | 104.18.14.227 | 200 OK | 80 kB |
URL HTTP/2cdn.yampi.io/ana/ana.min.js?t=1664323200000 IP104.18.14.227:0
Hashdeb74a4bda9edad6f94841bf04d6dcc3 679dd3a05d6d301b841a6b46cf4169abc0ce1a9c 2dac1e7dbb4b111355add76646f5cd7acbdfeac86e3af2f75083eac09dc5d026
GET /ana/ana.min.js?t=1664323200000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/javascript
x-amz-id-2: ltjj2N3u0e5I23d6wZXeX527jCIqgkIqiF15RZjN6hpGlB2fFxL1C98wsStVpGv5WVFi6dixScE=
x-amz-request-id: P8AJQ6PCRBMB1A0B
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 6245
expires: Wed, 27 Sep 2023 07:33:19 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128cea585b0b45-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcecc051994b78bcedcce3fcfc6c4a5f6 37f1a74bb5ccb3769f824f69b0e20024df1b1211 ad1137bc68154183043545a3c538023e999df3abb219411a9b4b633d02511e70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BB5)
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 2.3 kB |
IP93.184.220.29:0
Hash7b608fe6c21672a63e4799163f3dafc0 8b2ab280d4c02e1adf68414692e0c2e1221a8409 db8b0f4a5f61620749926de4f614d99d430626fc6d48332c3cf92c2ceafcc597
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BC8)
Content-Length: 471
|
|
| s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a66908d1770/60a66908d1775.png | 52.95.165.30 | 200 OK | 5.1 kB |
URL HTTP/1.1s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a66908d1770/60a66908d1775.png IP52.95.165.30:0
File typePNG image data, 300 x 90, 8-bit/color RGB, non-interlaced\012- data Hash37efca6cdf7016a5283d32610c7d7136 08e5eb5c88d6df8fdc5f175dc40084ec2d4e6753 47e4bcfc9ddbe6782376f5fc4ee7bbc0ebe3622ddd92db97b081c885b199478f
GET /king-assets.yampi.me/dooki/60a66908d1770/60a66908d1775.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /1AGoNpRlWT121CEM+1QrWoonuBxkZUN36Vurtc0ytn7vBBQpRqarfQSaM6ts1RAT6ddUTC/fvc=
x-amz-request-id: SNRG4M42HQMHP50C
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Thu, 20 May 2021 13:50:01 GMT
ETag: "37efca6cdf7016a5283d32610c7d7136"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5127
|
|
| analytics.tiktok.com/api/v2/pixel | 23.36.79.17 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP23.36.79.17:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 750
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733196C5D97A990C18CCB16A1
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ea278d02bcce6a7c1c6a2ce19064e7996a409a2180e8868c2aa9d3dc5cad3f5947a4277a9e08ee07cd17ae890862a56ab
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:19 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=4, origin; dur=108
x-origin-response-time: 108,23.36.79.13
x-akamai-request-id: 61c44346
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/api/v2/pixel | 23.36.79.17 | 200 OK | 258 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP23.36.79.17:0 ASN#20940 Akamai International B.V.
Hash8d60d636e85577ce3fd99b7442628e14 50f734f3fcaf07529fa17f97fc17d6b7332cea39 193b05f825f8032813507c58e6497a15a02dab86b28c683f2ab06a9a126e2853
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 771
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733192F52607DD57104C8B5AA
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eee4eb77576bbf709b14aed2bbcc1e9fec12471740fe85948d8e66ab604510e60c13c03f91eb2829eb04e77e3e5e74f08
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=10, origin; dur=111
x-origin-response-time: 111,23.36.79.13
x-akamai-request-id: 61c443a0
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/api/v2/pixel | 23.36.79.17 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP23.36.79.17:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 776
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733197AD52F7DF96E27D085CE
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e1b2ad9e28e8d0345b876ee7123314ef1ed6be8237f25e611c5a6bd9c6ce8c3b0551d0f10066168e90bc3d0e39fe6ed4a
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=8, origin; dur=108
x-origin-response-time: 108,23.36.79.13
x-akamai-request-id: 61c443cc
X-Firefox-Spdy: h2
|
|
| seguro.poweroferta.com/e/t | 170.82.173.30 | 200 OK | 20 B |
URL HTTP/2seguro.poweroferta.com/e/t IP170.82.173.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /e/t HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjcxZWQwZDI5NzZlOWIzYWUiLCJ0ciI6ImQ0M2U2MTcwMjI3MzMwNmM0ZjVjMzk0ODc2NDliOTE3IiwidGkiOjE2NjQyNjM5OTcxMDJ9fQ==
traceparent: 00-d43e61702273306c4f5c39487649b917-71ed0d2976e9b3ae-01
tracestate: 2935249@nr=0-1-2935249-1134170823-71ed0d2976e9b3ae----1664263997102
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlJBcXVWVktkUmJBdm56VG5Hd05ZUUE9PSIsInZhbHVlIjoiVGFFbjFMXC9aV0tDUVJJdllEeGljWktPeEVVbWRma0xJaUVBUjFhNVJtOWVmSGFjY1BoMjdOMEw3SmpCRkg1MElKek4yUFZvSkRlTEhBR2lcL0JcL3VXdlE9PSIsIm1hYyI6ImIyYTI0YzdlOTRlNTgyN2VmNGU3MjFkYzJjMzA5NzJmZGNlZGY2OTE1MjFjYzBiOGJhMWMzY2QwYmIyZDVlNGYifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjloTjFDOCs1MHFJM01VUmhCeVwvUmVRPT0iLCJ2YWx1ZSI6IlhuczVMN1prSE5sZUVJejRTVWdJaUg1eFF3OW4xZG4zZGNQbkpiQVBXdUNnVUkrc1c0XC92XC9XN29EU0xNcmxNeHpFdTBjV1BjRWo5NTZFa20rXC9pV1d3PT0iLCJtYWMiOiI4YTIzMDZlNTQ0YWZhNmNkNjUxZDhkY2IwMjdiYzJjNzkwNGVmOGFjYzQ2YmUyZmI5YmZkOWFiMTU0MDk3M2FjIn0%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRDwsNHh5UFUMGBFZTXQBTAlcCDQUFXFgDFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/api/v2/pixel | 23.36.79.17 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP23.36.79.17:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 753
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733195EF738149E21C4D08216
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5599e93bb302ee5fd2c2ef3cde1a86201e3b3d6435b8e128352cefd6d052c427f4f708c5d33d7bc1d2c884eb3413e9d0caca68aeefe6b0da21cf9cb6e8f43cd11
x-origin-response-time: 129,23.218.223.5
x-akamai-request-id: 8c073980.61c44373
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_MISS from a23-218-223-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=129, inner; dur=120
x-parent-response-time: 238,23.36.79.13
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js | 142.250.74.163 | 200 OK | 158 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (826) Size158 kB (158248 bytes) Hashdb1b5789e9915e9c82f5df92e5982980 2e193e502995501c85f45fd89d9f83707a7f9573 db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 119245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcf99681f6f1d6e00e0abca7033eb6219 73261f7daa90ce6fd7a81b10ed7bd762200c3f28 3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Tue, 27 Sep 2022 07:06:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hashcae538dcce82598fbe43c0bf443e62dd cc68ac6be9c5e0087a0000e5735b83270ace30f5 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 06:41:09 GMT
expires: Tue, 27 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 3131
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/etid | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/etid IP143.204.55.42:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Tue, 27 Sep 2022 07:33:20 GMT
server: Tengine
set-cookie: _d2id=cbec395f-3e85-461f-a2c5-0658c62f64cf-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:20 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: a5494527-e5d1-4479-9367-8c1c04c0ec8d-1664264000236
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 3
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-request-device-id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-d2id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: auHdWFay-Oq8UOJXlCvc3ynNaXaYGIDIkeF4Uya3_zJxR4j1y-8BnA==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash17b745b5d3e387127df4aba170081743 e59dc2fcbab312428ac919358c3f8afe301e723b 94b6219f1fdabe19021204226c005ab3f82f148cbfabd240a999f18267895bdb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| connect.facebook.net/en_US/fbevents.js | 157.240.200.14 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP157.240.200.14:0
File typeASCII text, with very long lines (64348) Hashe1327a02d76346c7e23d114e4e508b30 195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LXIn+4Q9FT6kffLCnZ8LHY5TezvJTRkK9PhdlnZjOAUfvbmUpb+6F1OuMHSKaiU1GRFBKzUpkWEDjyo2wsfVaA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 07:33:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/etid | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/etid IP143.204.55.42:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Tue, 27 Sep 2022 07:33:20 GMT
server: Tengine
set-cookie: _d2id=23ca88e2-02e0-48b4-819b-5c56a622252e-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:20 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: 52947e23-0c8c-4499-86b3-93840aefdfae-1664264000263
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-request-device-id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-d2id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jTbc_-P5_1PaUdhHxFsY-93YNs5-AbxGX5a2JlqyI9um28bw4RmaFA==
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 216.58.207.237 | 302 Found | 395 B |
URL HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP216.58.207.237:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381) Hash51b75cefb9d80bb9f60cc67eddaafbb3 ab45ba34cf35b3c79d25ecef416007035fd3e47e b30eb9562b4291af2e790ada2dc1e649ff302ab26c0f2c3235863bd2f123e5de
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 07:33:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1844807421%3A1664264000309886&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWp0Bl01xEpWwk-7joBP6Cxt0fVoNJLd0Lyazm-hr1MaIkPxydYT76DyTW4fEt2brjgWTxQCyQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-fYpfwBA1fkj9WRWVqQfGkg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:619wdds11r74sCPPayzbo6fKrHT4xA:TPXZjuOleAB5Y4Jc;Path=/;Expires=Thu, 26-Sep-2024 07:33:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashcf99681f6f1d6e00e0abca7033eb6219 73261f7daa90ce6fd7a81b10ed7bd762200c3f28 3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Tue, 27 Sep 2022 05:58:40 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash002d49bafbcc428a44fe523322ad9e05 b39aad0d1e941121f28af8f9b6d76f19216800d5 59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css | 142.250.74.163 | 200 OK | 24 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css IP142.250.74.163:0
File typeASCII text, with very long lines (52762), with no line terminators Hashf2d649025c814be9c33f166a5e04fe88 26bf59de631415927ba2c6c9e44fe9c763f95313 f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:33:30 GMT
expires: Mon, 25 Sep 2023 08:33:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/css
age: 169190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js | 142.250.74.163 | 200 OK | 158 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (826) Size158 kB (158248 bytes) Hashdb1b5789e9915e9c82f5df92e5982980 2e193e502995501c85f45fd89d9f83707a7f9573 db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 119245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&gjid=533826231&_gid=1381695759.1664263998&_u=IEBAAEASAAAAAC~&z=9491708 | 64.233.162.154 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&gjid=533826231&_gid=1381695759.1664263998&_u=IEBAAEASAAAAAC~&z=9491708 IP64.233.162.154:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&gjid=533826231&_gid=1381695759.1664263998&_u=IEBAAEASAAAAAC~&z=9491708 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.poweroferta.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=1315918230.1664263998&jid=20689431&gjid=673726524&_gid=1381695759.1664263998&_u=IEHAAEATAAAAAC~&z=738549486 | 64.233.162.154 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=1315918230.1664263998&jid=20689431&gjid=673726524&_gid=1381695759.1664263998&_u=IEHAAEATAAAAAC~&z=738549486 IP64.233.162.154:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=1315918230.1664263998&jid=20689431&gjid=673726524&_gid=1381695759.1664263998&_u=IEHAAEATAAAAAC~&z=738549486 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://seguro.poweroferta.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash002d49bafbcc428a44fe523322ad9e05 b39aad0d1e941121f28af8f9b6d76f19216800d5 59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash95f95fee6e94fb192e7c06459e3e3f8e 025638b85afcc833cd592c98cc941dd011d2526f dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&_u=IEBAAEASAAAAAC~&z=80327595 | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&_u=IEBAAEASAAAAAC~&z=80327595 IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&_u=IEBAAEASAAAAAC~&z=80327595 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a660c65135b/60a660c651361.png | 52.95.165.30 | 200 OK | 20 kB |
URL HTTP/1.1s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a660c65135b/60a660c651361.png IP52.95.165.30:0
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data Hash2b292d04d7ad57117f11085fd1121dd3 5b1be3e2a260486d3f64c3639214a9eab5cecb31 b78d237d9d4713c0be5d036d2ef75aa5e40f291336be2315ae272d5ddc0666ad
GET /king-assets.yampi.me/dooki/60a660c65135b/60a660c651361.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 745YvUSD4lAHEPztP9qBaKEqtR9vya7bayhNaQVj0AZ3Qe9g7ee7zA9pjzzUTWJXumPg9iu3z4g=
x-amz-request-id: MZPPSHJ7BN0MSTSH
Date: Tue, 27 Sep 2022 07:33:21 GMT
Last-Modified: Thu, 20 May 2021 13:14:47 GMT
ETag: "2b292d04d7ad57117f11085fd1121dd3"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 19789
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash95f95fee6e94fb192e7c06459e3e3f8e 025638b85afcc833cd592c98cc941dd011d2526f dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.facebook.com/tr/?id=640111826659765&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999041&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET | 157.240.200.35 | 200 OK | 172 kB |
URL HTTP/2www.facebook.com/tr/?id=640111826659765&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999041&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET IP157.240.200.35:0
File typegzip compressed data, from Unix\012- data Size172 kB (171746 bytes) Hash5a4efaa0054ce59fe80cc9f7e7c9effa 6cf071ebcebe1dc4dcf8e2a5ffa7b65ccdd855c4 c610cef9658321a48eb1d5b17829e17d3ffeb1e2e0de7fb47d2912509a0994dd
GET /tr/?id=640111826659765&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999041&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=280392987126699&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999052&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_4agza5soa&tm=1&rqm=GET | 157.240.200.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=280392987126699&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999052&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_4agza5soa&tm=1&rqm=GET IP157.240.200.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=280392987126699&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999052&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_4agza5soa&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=275456640976387&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999051&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_khjssd844&tm=1&rqm=GET | 157.240.200.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=275456640976387&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999051&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_khjssd844&tm=1&rqm=GET IP157.240.200.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=275456640976387&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999051&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_khjssd844&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=280392987126699&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999047&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET | 157.240.200.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=280392987126699&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999047&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET IP157.240.200.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=280392987126699&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999047&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=275456640976387&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999043&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET | 157.240.200.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=275456640976387&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999043&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET IP157.240.200.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=275456640976387&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999043&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=640111826659765&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999049&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_nx4txb9r3&tm=1&rqm=GET | 157.240.200.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=640111826659765&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999049&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_nx4txb9r3&tm=1&rqm=GET IP157.240.200.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=640111826659765&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999049&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_nx4txb9r3&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-spa-1216.min.js | 151.101.86.137 | 200 OK | 18 kB |
URL HTTP/2js-agent.newrelic.com/nr-spa-1216.min.js IP151.101.86.137:0
File typeASCII text, with very long lines (32010) Hash6561a2403142205f966207d61576f1a6 1310e72f494e12ab63a4280fc1600a2c89dc9bb8 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 07:33:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3122
x-timer: S1664264001.237552,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf62dc7a0694f88dffa1bd8d7099e183c ed44a31f29d27d93434beb2578299dea3a4e695b 302fb9dc752b866cf3fe89464e02880e622457f3ed430d099da708356c556c99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2193
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:21 GMT
Last-Modified: Tue, 27 Sep 2022 06:56:48 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 471
|
|
| bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 77 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hashf1442f5831dbbe0210da2d7a4180d6b8 2ade23c6c7a001c66f0c0a9a101ec152747b434e c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 07:33:22 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75128cfbfd54b521-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=ba3dd2a8cbb5f780; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6630&ck=1&ref=https://seguro.poweroferta.com/checkout/address | 162.247.241.14 | 200 OK | 24 B |
URL HTTP/1.1bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6630&ck=1&ref=https://seguro.poweroferta.com/checkout/address IP162.247.241.14:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashbc32ed98d624acb4008f986349a20d26 2d3df8c11d2168ce2c27e0937421d11d85016361 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6630&ck=1&ref=https://seguro.poweroferta.com/checkout/address HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1026
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 07:33:22 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 75128cfdf860b521-OSL
Access-Control-Allow-Origin: https://seguro.poweroferta.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
|
|
| api.mercadopago.com/v1/device_sessions/anonymous_device_session | 52.2.144.69 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/device_sessions/anonymous_device_session IP52.2.144.69:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:22 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 06e189b3-d79d-4a47-b5b9-8c2c92b173ef
x-trace-digest-40: XBj/DTvT8DvVjv4C83vNUvpIeE8LK9dO9LckxUckknJLC4sXOoGUqQ2IauFkL18W
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: fcec10ebf2c69062
x-b3-traceid: fcec10ebf2c69062
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/device_sessions/anonymous_device_session | 52.2.144.69 | 200 OK | 337 B |
URL HTTP/2api.mercadopago.com/v1/device_sessions/anonymous_device_session IP52.2.144.69:0
File typeJSON data\012- , ASCII text, with very long lines (337), with no line terminators Hash4cb0d12ce0f9fe7437e86df0059b2b7c 5794908d29d7ebf74b9f98826a5a80400c728f55 d6fb3d692e32caecb4c63b1347a1f73b2f23cadeb277ce6d5cd715108e748960
POST /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 98
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:23 GMT
content-type: application/json; charset=utf-8
content-length: 337
access-control-allow-origin: https://seguro.poweroferta.com
x-request-id: a3e6556c-5b38-460e-ba27-5207d39b8f08
x-trace-digest-40: SpSBAF2shpqR1R3CItZqgGIU+j1UgLgyzKxeJpXCziNxVKAX6jjecWKdr7WOXKHq
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 9d40564d3bc3adad
x-b3-traceid: 9d40564d3bc3adad
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap IP142.250.74.10:0
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 07:33:18 GMT
date: Tue, 27 Sep 2022 07:33:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.dooki.com.br/fa/4.7.0/fa.css | 104.18.1.53 | 200 OK | 0 B |
URL HTTP/2fonts.dooki.com.br/fa/4.7.0/fa.css IP104.18.1.53:0
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 612
expires: Wed, 05 Oct 2022 07:33:18 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce6ed0b0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.shopify.com/s/files/1/0509/6738/0146/products/2Qr5qIBQjE6N2jF6pJT2EsZgJmuoHP-min_250x250.jpg | 104.16.255.71 | 404 Not Found | 0 B |
URL HTTP/2cdn.shopify.com/s/files/1/0509/6738/0146/products/2Qr5qIBQjE6N2jF6pJT2EsZgJmuoHP-min_250x250.jpg IP104.16.255.71:0
GET /s/files/1/0509/6738/0146/products/2Qr5qIBQjE6N2jF6pJT2EsZgJmuoHP-min_250x250.jpg HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=30
server-timing: imagery;dur=15.762, imageryFetch;dur=15.477
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: b8bd88fc-0f34-407f-bfd8-a53800d3c150
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucJ7Ny%2FP55ri17M6ftmbJlY1hHRFlMyTwJ0oO3u3TteF816xCCZ6aUUjPDow01AeMWLuH23hFcb70NdB09GN6%2Bin4klhwTBJSvHfrJBl1FpdQNNj0TaeqPXWRePm08hI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75128ce72862b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com | 52.2.144.69 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com IP52.2.144.69:0
POST /v1/devices/widgets?referer=https%3A//seguro.poweroferta.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: public_get_session_widget
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-credentials: true
set-cookie: profile=1664263999494;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
content-encoding: gzip
x-content-type-options: nosniff
x-request-id: 179309ae-51f2-4e59-be32-be0b9582ed4f
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b IP143.204.55.42:0
GET /jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
set-cookie: _d2id=c0f86630-4b1c-434b-b10f-2420aebb8122-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-request-device-id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-d2id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z7bD9U-CReGMq1DdnvOgoVHSTytAeF5QHE-ag1E5SQOsEdFJwG3v1Q==
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process IP143.204.55.42:0
GET /jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=0fe2602b-9adb-44d9-8671-9199ae3a4a59-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-request-device-id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-d2id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u6mRKttMRWclId4G18222WUO2yhuekz0_3XaAVMSdo-8hAdFcbT0ew==
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/jsuuid?current=59707a3a-43b9-43ff-b618-e29cb3e1c08f-1664264001774 | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/jsuuid?current=59707a3a-43b9-43ff-b618-e29cb3e1c08f-1664264001774 IP143.204.55.42:0
GET /jms/lgz/background/jsuuid?current=59707a3a-43b9-43ff-b618-e29cb3e1c08f-1664264001774 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=e321783b-e7d1-4ff8-a83f-ae787fcd8ed5-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
access-control-allow-origin: *
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-request-device-id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-d2id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9DwwBtOM6zQBstwGzVMtLjDbM6fcyk7fTsi9tTnj4mUIFPGuTEKWVg==
X-Firefox-Spdy: h2
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c IP104.26.3.88:0
GET /checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: application/javascript
x-amz-id-2: kiKMcAr44hCS/h/HVY248HvVsZ8c++jxSbplSUA+eauwmt5HsWg8UBb9Ul0Y6kT3rAvxJVfXLU0=
x-amz-request-id: CY4BWHFC5C676757
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: dI9F0vCOZifuvcVSKZO43mZnYXF0Vwno
etag: W/"20baf997b7e31a089f0a9544550cf45a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTWxi4c6tOHzh%2F2z%2Bm9RNVpMD4YgCdOZMxcA%2FSw4uIdpaUU5j0vxd7eB4qMgQ0Hict1BrSMhsO0p0CUrPR1OXrZhzWbGvn6oxR0ItiULWAStufJRq3PrsKWi4Oa2B%2ByxkHZWPT9UfP7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f55b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| seguro.poweroferta.com/e/t | 170.82.173.30 | 200 OK | 0 B |
URL HTTP/2seguro.poweroferta.com/e/t IP170.82.173.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /e/t HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjEwZTg0YTNjMWI0MjMyMGIiLCJ0ciI6ImIzY2M2MzE5YzRmYzNmYmMxOWQ0ZmRlODQ0OTA1MjU0IiwidGkiOjE2NjQyNjM5OTcxMDR9fQ==
traceparent: 00-b3cc6319c4fc3fbc19d4fde844905254-10e84a3c1b42320b-01
tracestate: 2935249@nr=0-1-2935249-1134170823-10e84a3c1b42320b----1664263997104
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 357
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlBGVkprZ1gwZHFwMmdybHFEN3piTlE9PSIsInZhbHVlIjoiNFwvYkpkQnNOQXVkcDFoa3llME9pajhhTnhxdVhaMmtrRFVLd1BcLzQ1TnpFek9Cd3ZvTEk2NHhobGRjWW1Ia2o3NVRndUJsYkg4dG9PRW1LXC82NEVtYlE9PSIsIm1hYyI6ImI4MjI2MmM3ZTIzNTJkMjY5YzcyNzFlNGMwYzAxMmU1ZjAwZDBmMzhhNmU3MDMxOTdmOTYxYWE2ZGZhODZmMDMifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlFMMnZlQitXVHdcL3VwXC8wNzBOaHNrUT09IiwidmFsdWUiOiJyZW5uZTVFVnNnandtZDNOTVpDejdsV1BJRjBcL3Y3Y2s1ekltUFwvN3plUFR1bHBIZ1JKMXgyWm9oenZyWFwvcHN4Vm5rQWJvV2ZyeTlPelc1ZHFvXC9BeXc9PSIsIm1hYyI6IjZmYmUxZTRlMTRlMWExOTkzYmFhNWEzZTQ1ZTNhMWRmMzNiZjM2MTFhZWE2NDQwMDI5NTc0NzllMWUwNDI2MTQifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRAAkMHh5UFUMFWQEHUg4FWQVUDFIDXFVXFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| seguro.poweroferta.com/cart/recomm | 170.82.173.30 | 200 OK | 0 B |
URL HTTP/2seguro.poweroferta.com/cart/recomm IP170.82.173.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cart/recomm HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImVkM2I0ZDExNWYwZTA1YmMiLCJ0ciI6ImY4YzhlYjRiZjRkYjY1ODhhN2M0NTI2MWYwMjM3NDhjIiwidGkiOjE2NjQyNjM5OTcwOTV9fQ==
traceparent: 00-f8c8eb4bf4db6588a7c45261f023748c-ed3b4d115f0e05bc-01
tracestate: 2935249@nr=0-1-2935249-1134170823-ed3b4d115f0e05bc----1664263997095
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6InB5QnFYUU1QblFPMzlMdHZxZUNQaGc9PSIsInZhbHVlIjoiSVFXbk5SQW5jaG1aazJDc1B2QU9IOFdCZTJDOTZQalFEUWxGeGhCSWROQ3lWN0F0OG9vN01VaWVWTjlQSm1ORlwvQlhhSjk5QThoVE1UUTNkTFdyd1JBPT0iLCJtYWMiOiI0MWJhYzdjYzAxM2QzYjJlMzk1MTM1NzUzZjI3NGJmM2NhYzE2YTNmYTAxNTIxZTgzMjg2YjMzZTYxYThlZTMxIn0%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlNlbVZhVnlDcDRzd1hQXC9xSmJSekx3PT0iLCJ2YWx1ZSI6IkdkdFUwSmpDUWRcL28yZFFtZ09lUE9QbmVYWE1hS1lwOUQxWjNVRGJKK2pDMCt5aUl0bHpETGVhVkQxb3c2cUFEU1BCemFoRE5Id25cL1JjbXdab1d3MEE9PSIsIm1hYyI6IjM5ODY5ZGRjOGI3MTY5NDk1Nzg5NTQ5NzY5MWM0Nzc3NWI3N2UzNzJjNGVjN2U2MTRhMWVhYjc3MTM1ZDAyMWIifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAYFBVIVTABNEQddVAZXUFsIAQhcU1EGCVJESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process IP143.204.55.42:0
GET /jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Tue, 27 Sep 2022 07:33:23 GMT
server: Tengine
set-cookie: _d2id=bbdf726c-7e46-4ac6-a267-d2e0eb781598-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:23 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-request-device-id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-d2id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 19o_GWMceBvt0RmxV4ZYIiWSEHhRNnCIdcfwl3VTept-qBWuqrSCmQ==
X-Firefox-Spdy: h2
|
|
| awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b | 104.26.3.88 | 200 OK | 0 B |
URL HTTP/2awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b IP104.26.3.88:0
GET /checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/css
x-amz-id-2: OyOibZMfkkwB05gPZjuAsZeVUSb0Qjq+xaaRsKOG1t3dnzjziub4AwhX7Cp9nuLlFVGUfHwL6zY=
x-amz-request-id: CY4EYD17YF0TDT82
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: sk8GhqbtozvgmZdvBhWo.6c8nigPYGNS
etag: W/"c1cb1b608993e42920393f83d30bc32b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYY9eSbEL4Z9fhJ5l%2FmXitadyChSONYY%2BQvv%2BPDIKVezCg2floQ8LoeiyXaggiAkfkLlo6SFnOwPS1iFo8ieJ0trglzL4AweECwkgRvLL0gwT%2BQcx3pALjpDpiNRPuwXjPiIuZxk0yDC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce65f23b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.mercadopago.com/v2/security.js | 143.204.55.36 | 200 OK | 0 B |
URL HTTP/2www.mercadopago.com/v2/security.js IP143.204.55.36:0
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 27 Sep 2022 07:33:18 GMT
set-cookie: _d2id=c47e9523-6df1-4f09-b0b5-9fadfcc835d2-n; Path=/; Domain=.mercadopago.com; Expires=Wed, 27 Sep 2023 07:33:18 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-request-device-id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-d2id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yySYUlv4D2VUjlKa86mER_ockUqQ2Z49JRSUcjAWVw7VuwmlZzau3g==
X-Firefox-Spdy: h2
|
|
| api.mercadopago.com/v1/device_sessions/web_device | 52.2.144.69 | 200 OK | 0 B |
URL HTTP/2api.mercadopago.com/v1/device_sessions/web_device IP52.2.144.69:0
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.poweroferta.com
x-request-id: d457d3c4-0b0d-4afa-a915-ccc6f51f351b
x-trace-digest-40: CN1QDKRFaFnNZ8S/TC/SBqiFx1sGiIq+UfQU2jyXwjHE+FpnbqTdwQL+A8VXKyXz
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 038ba3b06eabdcff
x-b3-traceid: 038ba3b06eabdcff
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1664263999504;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.mercadolivre.com/jms/mlb/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjUyOTQ3ZTIzLTBjOGMtNDQ5OS04NmIzLTkzODQwYWVmZGZhZS0xNjY0MjY0MDAwMjYzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMxLCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NCwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1NiwiaGFzaCI6MjAzLCJ0b3RhbCI6MjAzfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D | 143.204.55.53 | 200 OK | 0 B |
URL HTTP/2www.mercadolivre.com/jms/mlb/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjUyOTQ3ZTIzLTBjOGMtNDQ5OS04NmIzLTkzODQwYWVmZGZhZS0xNjY0MjY0MDAwMjYzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMxLCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NCwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1NiwiaGFzaCI6MjAzLCJ0b3RhbCI6MjAzfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D IP143.204.55.53:0
GET /jms/mlb/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjUyOTQ3ZTIzLTBjOGMtNDQ5OS04NmIzLTkzODQwYWVmZGZhZS0xNjY0MjY0MDAwMjYzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMxLCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NCwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1NiwiaGFzaCI6MjAzLCJ0b3RhbCI6MjAzfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
set-cookie: _d2id=35f51f63-4121-4a76-8084-50c869e85b3c-n; Path=/; Domain=.mercadolivre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-request-device-id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-d2id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WTeGyFu5Js12jdFbE8OIw31olnuzBzQC7pD7sRujBT4CE5uZdZd0uA==
X-Firefox-Spdy: h2
|
|
| seguro.poweroferta.com/checkout/address | 170.82.173.30 | 200 OK | 0 B |
URL HTTP/2seguro.poweroferta.com/checkout/address IP170.82.173.30:0 ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /checkout/address HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InR3VzlsRHNDcTVWdlY1QzRnNXJvZEE9PSIsInZhbHVlIjoia242cVI0aktzSjVCd05MaHpkNXoyd0E3U0c3S0k1dTBLMmhIRjhSeHBVcWNIcDZ1TnN0dHU1QWNWd2lQeTBSNll0RUlkRDB6VXJkeEJLTklvUHNRV3c9PSIsIm1hYyI6ImRjMjIwMTRlNzMwYWZhYTNiMTZlOTQ4ZjkzMzc2OTAzMzc3ODFhMDRhODUxYmEwNTNlZWY2NmE1OGYwOGFmOTcifQ%3D%3D; bubbstore_checkout=eyJpdiI6Ikw4R2toNVwvVXFwS0xubEdSTzJNOFFnPT0iLCJ2YWx1ZSI6ImxaQ3J6VTVHNUV0ZVJWWmlBdFpSVVBLcnRXaEh3NkZSeEhDR0EzK2hcL3hncnFYS2R4NHhQWDdUQ1hxYzJ1aGh5Szd1eSs3OUpHdmRad2RWNENmenVHdz09IiwibWFjIjoiMjA1ZGZmZjk1YWFlOGU0NzEyNzMwOTM4NDU0MjA0NGQwMzhlZWRkYTE1Zjk3MmEyNmQ2OTM4MDY2ODY1NjUxYyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; expires=Tue, 27-Sep-2022 10:33:17 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; expires=Tue, 27-Sep-2022 10:33:17 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D IP143.204.55.42:0
GET /jms/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=a4e60fb6-85d3-4c9f-aad3-098eda39ccaf-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
dsid=1284de78-e194-406f-8574-0a9a093c6c43-1664264001772;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=0f799bde-dd39-4ccc-b62c-0ca5baeb4afa-1664264001772;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 10
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-request-device-id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-d2id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2VEI6lfY1lsN2St6SwEcCjtFzx-zlOtiStCGwkszEIkimOJFwFnoLA==
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5ORU1TODNNK397VN700&lib=ttq | 23.36.79.17 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5ORU1TODNNK397VN700&lib=ttq IP23.36.79.17:0 ASN#20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C5ORU1TODNNK397VN700&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20220927073319F6A6A93466948EC88F09
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b54076bbcbc3ea4a0a9b6a20a6c108d96e78cdbebcc0fe81ca5f4179e1a56fe7ab486b3c31347cc1ef0428335df8280aea389f0cc63fce3257bb98ddbc72601655
content-encoding: gzip
x-origin-response-time: 8,23.218.223.21
x-akamai-request-id: 86f8c0.61c43c65
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:19 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-21.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=8, inner; dur=4
x-parent-response-time: 109,23.36.79.13
X-Firefox-Spdy: h2
|
|
| www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b | 143.204.55.42 | 200 OK | 0 B |
URL HTTP/2www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b IP143.204.55.42:0
GET /jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=788f17df-e1a1-4cf9-9d34-9546bf480134-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-request-device-id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-d2id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LYcqlFGlbF5SktgN0FCDu3ihuBmfIqmbpdKrkgxJpqw4DE-wINV10Q==
X-Firefox-Spdy: h2
|
|