Report - seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078

Report Overview

Submitted URL
seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078
IP
170.82.174.30
ASN
#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Submitted
2022-09-27 07:33:27
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	8.9 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
s3.sa-east-1.amazonaws.com	60686	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	872 B	26 kB	52.95.165.30
www.mercadolibre.com	33991	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.6 kB	8.1 kB	143.204.55.42
fonts.dooki.com.br	829308	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	544 B	104.18.1.53
www.mercadopago.com	88200	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	910 B	143.204.55.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
seguro.poweroferta.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.1 kB	30 kB	170.82.173.30
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	10 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	472 B	34 kB	142.250.74.163
analytics.tiktok.com	1182	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	4.7 kB	23.36.79.17
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	694 B	142.250.74.3
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	19 kB	151.101.86.137
secure.mlstatic.com	140771	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	9.8 kB	23.36.79.33
cdn.yampi.io	402975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	81 kB	104.18.14.227
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	344 kB	142.250.74.163
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	20 kB	142.250.74.174
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	1.9 kB	216.58.207.237
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	746 B	142.250.74.10
awesome-assets.yampi.me	708511	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	880 B	1.8 kB	104.26.3.88
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.41.98.34
api.mercadopago.com	47277	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.1 kB	52.2.144.69
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	143.204.42.158
cdn.shopify.com	2327	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	461 B	993 B	104.16.255.71
www.mercadolivre.com	123600	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	972 B	143.204.55.53
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	11 kB	93.184.220.29
js.upnid.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	8.7 kB	130.211.14.112
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	38 kB	142.250.74.72
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	174 kB	157.240.200.35
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.0 kB	162.247.241.14
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	1.2 kB	142.250.74.164
images.yampi.me	955081	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	31 kB	104.26.3.88
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	28 kB	157.240.200.14
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	47 kB	34.120.237.76
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	64.233.162.154

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	seguro.poweroferta.com/e/t	Phishing
2022-09-27	medium	seguro.poweroferta.com/e/t	Phishing
2022-09-27	medium	seguro.poweroferta.com/cart/recomm	Phishing
2022-09-27	medium	seguro.poweroferta.com/checkout/address	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (54)

	URL	Size	First Seen	Last Seen
	seguro.poweroferta.com/checkout/address	353 B	2023-03-07	2024-03-04
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-03-04 11:09:00 Times Seen219 Hash 7edbfaf23acfcccf9ab6fc52e23c3b4b 2a6657dad6743e460cdeed322c81f9a412fa3a62 21f274758663f991c7bdb105622a595b62d450213854d8b25992d7ce7b69219d Loading...

	seguro.poweroferta.com/checkout/address	567 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 30ca7fb8e552272864b3334219b2d4cf 4d4ae519df4830a8337ba7d923b788d87860fc22 987fee66d1b28f7007e3f999bf2bb3a3b0e364067085d8d53a7e9e3cd7e521cd Loading...

	seguro.poweroferta.com/checkout/address	91 B	2023-03-07	2024-02-12
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-02-12 00:45:50 Times Seen198 Hash 1dca09b0d182f74df13fc34d1fe69f37 41290fab40aa6622ef7d502babc4c0d278a55379 9048448e0593ee7b31476ebdd9202e97fae8f57073e4e20c33484004a25407f4 Loading...

	analytics.tiktok.com/i18n/pixel/identify.js	117 kB	2023-03-07	2023-03-10
Pretty URL analytics.tiktok.com/i18n/pixel/identify.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:59:15 Last Seen2023-03-10 09:38:20 Times Seen1 Hash c2c792b06e482de60daa4bd4e6119302 19838e462b2d65a3e2c62e7f9fac91164709ca21 f6a2d67f13b9f1bee865f714ce068dd86ddf7589b5aec91bb1b4a99d216042de Loading...

	seguro.poweroferta.com/checkout/address	120 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 701352bfc0fc2e6a6204d3a25d681280 2a23b5f2c8dee23b8b4df44a10759fbe88013569 32599fe73038a7fef7a1320022a9067c412b80e0b4d526da8348fa1dd6287b21 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	connect.facebook.net/signals/config/280392987126699?v=2.9.84&r=stable	300 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/280392987126699?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 71e8678a59e17a1d37b703aef3a99f29 4289cb7db920a37f5eb6c2449cb88fd58113d279 258785ba7610f572f2ce42a883b4da3ee1500ca11fb7ded88d7404de407c6d21 Loading...

	secure.mlstatic.com/sdk/javascript/v1/mercadopago.js	26 kB	2023-03-07	2023-03-17
Pretty URL secure.mlstatic.com/sdk/javascript/v1/mercadopago.js IP 23.36.79.33 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:20 Last Seen2023-03-17 11:38:51 Times Seen1 Hash 1b206e0917b94e48b84e631c30e3ad51 a288eee3547fb9af3e7aa695f5c75d4ec2fc6715 0ff9c8bcddadb5dfea5c7b92690b22e0deb95bdad12eb0333493b7b8933d03c2 Loading...

	seguro.poweroferta.com/checkout/address	1.0 kB	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 09f85e4f8e12b579886ba5edd14493d7 ffc29813eef29716078979c220f3c69bfb1636fd 1849a610ea99eef5b9efdda9a847acfd996435711743b06dcd8110774c5af644 Loading...

	www.mercadopago.com/v2/security.js	4.2 kB	2023-03-07	2023-07-24
Pretty URL www.mercadopago.com/v2/security.js IP 143.204.55.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2023-07-24 08:01:12 Times Seen171 Hash 83cb633a8859f758950fd9d19bc15ff1 097ee3acbf35746c73ba6c4419db948125b6d100 f57c7212fd3c303c5a79e95d877d401f9c60345229d95e925e8b83db8f480396 Loading...

	seguro.poweroferta.com/checkout/address	30 B	2023-03-07	2024-02-12
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-02-12 00:45:51 Times Seen189 Hash 56066eaaac74fcb835b17343624d9610 27982064679c91ef689845a4bbc048fe083da3c7 854b2d353f063aaa9ce7f5070abb32307e4376a44bd34b2476cb2e37e3dfad9a Loading...

	seguro.poweroferta.com/checkout/address	727 B	2023-03-07	2023-03-17
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:14 Last Seen2023-03-17 12:36:54 Times Seen1 Hash 013c7ff93d644d39a749fde3e6c8a9e2 60fdf2b0e830af462bb2c362ead7a90e674af505 713eef74a17f7d7dcc24e8a5cb36557707f236290c7c5be17a7d2740d09a1751 Loading...

	seguro.poweroferta.com/checkout/address	346 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 61f3bb0a1b751cbcad153a830d43b5c5 78b8b86d8ec4feab1d91110a369a6069fcf4198c 10dc416a31de0af9242959480d9335fdb33e31c53746739c1c84812b629e9a3a Loading...

	cdn.yampi.io/ana/ana.min.js?t=1664323200000	7.6 kB	2023-03-07	2023-05-26
Pretty URL cdn.yampi.io/ana/ana.min.js?t=1664323200000 IP 104.18.14.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2023-05-26 07:40:54 Times Seen75 Hash e7cabc20ce5d56c20d8c4577a36e2525 bf35539d423f5351660f0c1d9458a705a07abaab 3c0a414165a2109c0ae8e15b5452663e74c15fb6d6da40ceabb11e8c7bb4c468 Loading...

	cdn.yampi.me/jquery/jquery.js	97 kB	2023-03-07	2024-04-23
Pretty URL cdn.yampi.me/jquery/jquery.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-23 19:27:44 Times Seen587 Hash 9f7c65c84c8e8c3e317945e8fd89899b 709c935c0a488ff7aa010157221eb07b4a041578 c26cfce9caf7b965861956c1f173821f45f1e1f61aa4bd19ddd4b26723411c9d Loading...

	www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC	884 B	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:17:51 Last Seen2023-03-08 03:19:53 Times Seen1 Hash 659efb7cfc068886c09e277e6ec2e17f 24a5bf2fa12be5450f9954b1566fcf259304ea65 a9001e6395e964e3f59bf9f2ed1f68ec2a5392e44add41475268cfccc15baaa6 Loading...

	www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process	21 B	2023-03-07	2024-04-24
Pretty URL www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process IP 143.204.55.42 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:51 Last Seen2024-04-24 22:58:40 Times Seen1002 Hash 827cdd4c85bf2b05c56dc2c4d0f93d3a 7281ac3916b761b1e2016d0544bad0f8719f5efc 4abde68cc3ebcb8653668a78058b74a9a67cc03fa87b142616b4041e4f0971e1 Loading...

	connect.facebook.net/signals/config/275456640976387?v=2.9.84&r=stable	300 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/275456640976387?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 302802e2a53d0a63105c6bebdf6187b4 8b54e303fc201e98edb3788c251d892b6f9bf3f1 4eeb27895ce745b4911cfc11daeed6e3598e5a3ebb7247200eaddbe4c7e310f4 Loading...

	js-agent.newrelic.com/nr-spa-1216.min.js	50 kB	2023-03-07	2024-03-22
Pretty URL js-agent.newrelic.com/nr-spa-1216.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:43 Times Seen568 Hash 63e2df852d15ab21d7ff8fc4363222e8 7ee401ba652db0a4ec960350e17216cda01e22fb 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC&co=aHR0cHM6Ly9zZWd1cm8ucG93ZXJvZmVydGEuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=furzi0fzhm92	69 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC&co=aHR0cHM6Ly9zZWd1cm8ucG93ZXJvZmVydGEuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=furzi0fzhm92 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 02:56:36 Times Seen99421 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 03:39:45 Times Seen37053323 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	connect.facebook.net/signals/config/640111826659765?v=2.9.84&r=stable	300 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/640111826659765?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 11:57:08 Times Seen1 Hash f637003d02eeb63bff230c516f85a614 12cbe99e53bed0fe1ea0e5650532ab560a6e6bbb 47d9b05dcc3346bf35cc17b3fbeb48b07e5de59bf1a027f50d07565e5ac3219b Loading...

	seguro.poweroferta.com/checkout/address	865 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 0792489867715cf059b5e41bbd850bb5 cd78b665f7ac7262742b1f08186ce8e4d8d2a4f7 65631b2f77f381eee7e4637fb75e497440f6b30d9cc9fac41a49cdbb73cbbd0f Loading...

	seguro.poweroferta.com/checkout/address	38 kB	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash fa06df1db9a573a05b3383e445d39bcf 0d50cbc3d8b98f8c3b5489271982c4be0d2779b4 cd51062a28b01bcb5ac91c737816f13d3c97d8df70134d3dc1ffa8fc2e54ed8d Loading...

	seguro.poweroferta.com/checkout/address	113 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 397e67950efe920565011678c07870e7 0efdc1a5e4de5035e872e52bd9f7e6472fe1f5f6 38ccbfbe54f854a4e6c034d6bfdf03bc9e353f752363b95f395e0b623cddc709 Loading...

	seguro.poweroferta.com/checkout/address	30 B	2023-03-08	2024-01-28
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2024-01-28 22:07:00 Times Seen11 Hash 7678d044e4fb02dd1795ab1a76e98c5b c1f879ff353fcfcb7bc3dcb87254cd5557d1aac5 8d1766abfc8d7c0e96471c21d7d6cfe22f22e93405540a005ec7fc3a586f166e Loading...

	www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b	8.0 kB	2023-03-08	2023-03-08
Pretty URL www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b IP 143.204.55.42 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash a01cec936ff4598cf2827b83626996c9 ea1822bd6ab36e4157a2a4865b75ea93c6ca08d5 cc1daf6fefad704792929283f66726fe5c6c94dfee248bc171b448dea5d1572d Loading...

	bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	seguro.poweroferta.com/checkout/address	72 B	2023-03-07	2023-05-11
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2023-05-11 08:25:43 Times Seen25 Hash 81faecab8e751506c2a076714216151a 1e7f8722ba80640b1331d947115038317e78e100 e247cc353fdd41263b94b93d712faf7e8d13db5723aa49ea32fd964ebe7c87d8 Loading...

	js.upnid.com/v0.js	23 kB	2023-03-07	2023-03-17
Pretty URL js.upnid.com/v0.js IP 130.211.14.112 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:15 Last Seen2023-03-17 12:36:54 Times Seen1 Hash 574299022e3748aa0c8e4ffe1fde00fa 9674854bebd300b0ed3bfe9ba2b07818f2edd999 a88b284ad4a1462f66eba2c255e653d828eed03aae82f24e346de2fdb9b59839 Loading...

	seguro.poweroferta.com/checkout/address	306 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 6af30e4da2a87767767e0d4e60c1e84d c8d83d362516735bf9ebe21d80d53e3009a0a608 515e80ca1a84de577bfd6cd4cda817146228291565b8b0274991b7b01476e944 Loading...

	seguro.poweroferta.com/checkout/address	887 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 60be60db5ad47d5df4bb85b107aa6833 ed95692008c729280063cb97cc1e8f2011dcd8f7 9ae28cbdbda4c48beeb43e31bb368defc71d060c4666a4284c9fa2f21dbad18e Loading...

	seguro.poweroferta.com/checkout/address	25 B	2023-03-07	2024-03-01
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:46 Last Seen2024-03-01 05:59:55 Times Seen94 Hash c98772460e65fe9f9c635df5d0968bcd b8f152afa044e5ce3d9f6df5e2f3938e1ff8c815 03c9c0108d408a2bfef1851302060a05dcc9471c0b4fc4bf51b352201b3e5da2 Loading...

	seguro.poweroferta.com/checkout/address	38 kB	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 620e3ed25ecfe3ccab6407a785e8f9fa 56ea64a9f946e748a26bcaca491803f5a83fb0ab 52713e962eca53ebb1cab14a912869ca4c0d0b27cfa962abc0de0ef1bfa16e3d Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC&co=aHR0cHM6Ly9zZWd1cm8ucG93ZXJvZmVydGEuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=furzi0fzhm92	35 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC&co=aHR0cHM6Ly9zZWd1cm8ucG93ZXJvZmVydGEuY29tOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=furzi0fzhm92 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 0c653fedbd39c2a5d04aae45be430098 ae435e799209dce604d553d8d37f95afd138f5b0 ae870d9151ed26a0d5dae202c83e9dafd356dccaa3e4ca460189094448ce5572 Loading...

	seguro.poweroferta.com/checkout/address	403 B	2023-03-07	2024-02-12
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-02-12 00:45:50 Times Seen235 Hash b80d46c71bfeed889ac6bd34b2f90601 caea5216d620d8832cd23f1a07919b6364ba6130 7b420377ae08d548833e49c23e3da2d1132ad5306657cedd32c9102ea12a1bd2 Loading...

	seguro.poweroferta.com/checkout/address	145 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash d48718b149b1d97a86c2809a5ca19208 f9582ab3b2d8f48b23ba1b3893fa2f26b739aace bb25dde328d86c6ffebbe701b9b11a8e638175545e08c9966ac8b58cf1598326 Loading...

	analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5ORU1TODNNK397VN700&hostname=seguro.poweroferta.com	61 kB	2023-03-08	2023-03-08
Pretty URL analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5ORU1TODNNK397VN700&hostname=seguro.poweroferta.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 0f2543959b047d0792e5b3efafe0ff4b acfdf3143213cc41aed4c1e518915500a9c513d7 bff6e4a487ec9f416e155acb09a3fed4e86c7fd97697a6ab3772ee67bcd3589f Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-08	2023-11-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:45:46 Last Seen2023-11-10 23:06:10 Times Seen10 Hash d78a7caef2779bec7d3e91de3eb77eeb 5af31c112f3bcd8f2866d4bf89e8455438b1e382 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Loading...

	seguro.poweroferta.com/checkout/address	737 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 6a7f30889e2d2b9ad70b31462978845e 0a4b1b683b932aca0e035d1815e4df7c556f1afc 851fae2a968229edd08a70ed8202bcbcec9ae90ddbf7f9afd31bf44e3f276402 Loading...

	seguro.poweroferta.com/checkout/address	4 B	2023-03-07	2024-02-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-02-08 04:18:27 Times Seen148 Hash b902cff0c53cbbe80b60a0f48b19d49d 849b09f02394c7f9523f6d2eae68d3ed57623dc6 0fcd4dfee81328ab64a2887ffbe902a2479efca04352f0ee5ee20e7c30c32faa Loading...

	seguro.poweroferta.com/checkout/address	9.5 kB	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 2edb67573d78ca7b334bada32c52bd9d e9cf2f46e158092b0b3dc14ddd59496880fdb959 7c834ba227aaca1472a2986d57b4078b858d938de825a422c499123bcc5c78c2 Loading...

	seguro.poweroferta.com/checkout/address	394 B	2023-03-07	2024-02-12
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-02-12 00:45:50 Times Seen202 Hash e4af8a5a7f4a7c9193ab9ba11ef84dea 184558dc71a3b0daa2eeb9fbc74d0f7f506701de fb105044f98cd7b5e954f2f7ac622c2c8c48bb8f7382782d6403ae93274f5853 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K9GXZFM	98 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K9GXZFM IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 39ca38ebdafebe88ea996747f11e041d 5af1a8e06db8da03332eefc42618f4ec961e4f8e af091cdfc375bbbb30212cfba5e481042782f68b42671bd8eb1159fa1ec901cd Loading...

	seguro.poweroferta.com/checkout/address	125 B	2023-03-08	2023-03-08
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:24:13 Last Seen2023-03-08 11:57:08 Times Seen1 Hash 411d081b31152611c77efdd8eb71c8a5 b864b04a5ee7109dc5ab6f55e4e2879b8d8e8abc 57ba64de2eab4303d745d08eb8029bdded2b5b15576839f3cb0e6aa10d6f95cb Loading...

	www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js	398 kB	2023-03-07	2023-03-10
Pretty URL www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:10 Last Seen2023-03-10 14:27:44 Times Seen1 Hash dff1edaf9fa8e0138b7342527bb2fdaf 9c1d9e6f3a8785ffdd088f57e3e8803dd2c459b0 23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9 Loading...

	www.google-analytics.com/plugins/ua/ecommerce.js	1.4 kB	2023-03-07	2024-03-29
Pretty URL www.google-analytics.com/plugins/ua/ecommerce.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:11 Last Seen2024-03-29 17:20:31 Times Seen107 Hash fd02edf106d5501f7e87d17452887750 500f64b65cf47e7a10b720648054c208f61f4719 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Loading...

	seguro.poweroferta.com/checkout/address	31 kB	2023-03-07	2023-03-17
Pretty URL seguro.poweroferta.com/checkout/address IP 170.82.173.30 ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:14 Last Seen2023-03-17 12:36:54 Times Seen1 Hash 03c0f9f9cef65364520520bbc7bbd1e0 b7b80ad046af7c179be66aed6204f938b1df0b42 2169144a12915a8ace67c09e69c9d320922d75cb8e62cda9d4f1c3d2aab3a693 Loading...

	www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b	8.0 kB	2023-03-08	2023-03-08
Pretty URL www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b IP 143.204.55.42 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash 2605bb250fa95e6529ed5f69680e0877 3c80253338d452b262f61f8d8df86fc4e8edf59b 42fe31a5855b8d8af34e74537055f0d020b9db8deb2249f3182696367e64baa6 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2851c27fe4d7dcfce30aeaa53cfb59ed	16 kB	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 2851c27fe4d7dcfce30aeaa53cfb59ed e6d6747077359e2996fcb8ce60c94647e548a120 b7bb0c5ac33ab436c5fe975360ef1af5f66987c6c8bf5c0569e749197b16ecaa Loading...

	#2 Eval - f9737a498645bdf5e55934aba45f22f5	18 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 02:19:53 Last Seen2023-03-08 02:19:53 Times Seen1 Hash f9737a498645bdf5e55934aba45f22f5 2a36411da0ce31cbd5bd33bc2dcf4984e217c176 6e82ce106cd3c2d7be378cb23b97e5c2cdf880eb5652dcebeb4888cbaef697e6 Loading...

	#3 Eval - c4bcc9c08455c63b6941587911bb5e33	62 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash c4bcc9c08455c63b6941587911bb5e33 a63bdfb594e7769cde32b002448f0fec82476ce7 9a40ef33f7700831131770a8048c5a08faa312d7311fc2c6ced1909ea6e458ce Loading...

	#4 Eval - 1845a1a5613a3cc719cdfd0f4354c64d	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 1845a1a5613a3cc719cdfd0f4354c64d d98cc33e5143dec9bb98528b47284c10072c60ce 531ec07d216cb5810b6ebf63f292c8c1759049139e175d847973b17cd08238fa Loading...

	#5 Eval - 8255e47c8659ff37c9b3a0934673908e	22 B	2023-03-07	2023-03-08
Pretty Observations First Seen2023-03-07 23:04:59 Last Seen2023-03-08 03:22:24 Times Seen1 Hash 8255e47c8659ff37c9b3a0934673908e e851f0d2bd2c672883af76176e787f6530feabcf d651a2902f113132877a12117727707b1031e8f12615f8a3a0ad138ea5eb79ea Loading...

HTTP Transactions (110)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7181
Expires: Tue, 27 Sep 2022 09:32:56 GMT
Date: Tue, 27 Sep 2022 07:33:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 06:44:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F3bCxSbUx9l82_-ez4KMYFvvq1tXHCrNSrLcVcYBylT-_sh4y3dNbQ==
Age: 2939

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13739
Expires: Tue, 27 Sep 2022 11:22:14 GMT
Date: Tue, 27 Sep 2022 07:33:15 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Hu5WjRU59wnPcMa7onFtGD0y69V2uhVBV1S1hfXCd2kzJaCPAnxCux4WJRs0fFSom/W0rvD4O5A=
x-amz-request-id: 0ZJF6X5APRBE2ZKR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 06:46:43 GMT
age: 2792
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078

170.82.173.30

301 Moved Permanently

134 B

URL HTTP/1.1
seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078
IP
170.82.173.30:0
ASN
#266444 3L CLOUD INTERNET SERVICES LTDA - EPP

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 07:33:15 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.poweroferta.com:443/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078
X-GoCache-CacheStatus: BYPASS
Server: gocache

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 07:33:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 07:10:46 GMT
Expires: Tue, 27 Sep 2022 07:38:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HvhO7oOp__lYQba23V0vwrIv-6bihh1KgyPVGItmERX_VtB6v0ircQ==
Age: 1350

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c3f1da5d56f40c334aa1714729e9daa7
7b7a254334bd34fc88140614c8963a686073ca59
a17a3ef70990b0b58bc5600096d81b3593a246a821f869db3d52d9a3949553ff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A17A3EF70990B0B58BC5600096D81B3593A246A821F869DB3D52D9A3949553FF"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21565
Expires: Tue, 27 Sep 2022 13:32:41 GMT
Date: Tue, 27 Sep 2022 07:33:16 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2700
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:16 GMT
Last-Modified: Tue, 27 Sep 2022 06:48:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.41.98.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.98.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /V5EFyFMb8WQ9tUQPyYjwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UaOkWqp4vZ0Jy2tJNQ9Gt9qJ0TA=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2367
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 07:33:17 GMT
Connection: keep-alive

170.82.173.30

302 Found

23 kB

URL HTTP/2
seguro.poweroferta.com/checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078
IP
170.82.173.30:0
ASN
#266444 3L CLOUD INTERNET SERVICES LTDA - EPP

File type
data
Size
23 kB (22768 bytes)
Hash
bbee5fb0c7508549b69c69d4584edeff
c993f26e76b99198249b562316f1f1a3446a2aa3
a34e2d806ed5e31b2967ec23ad371cdeef4263dd9df4e9b79a250379b50f594e

HTTP Headers

GET /checkout/payment?cart_token=shopify-5f4d93de84362028ebf5f96f76a18bbb&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=b4d411bbccc3f692b7ad1fa63a991cd03f09f771&customerToken=7d96bd60-3e20-11ed-802e-59e2b27b8078 HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 27 Sep 2022 07:33:16 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.poweroferta.com/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InR3VzlsRHNDcTVWdlY1QzRnNXJvZEE9PSIsInZhbHVlIjoia242cVI0aktzSjVCd05MaHpkNXoyd0E3U0c3S0k1dTBLMmhIRjhSeHBVcWNIcDZ1TnN0dHU1QWNWd2lQeTBSNll0RUlkRDB6VXJkeEJLTklvUHNRV3c9PSIsIm1hYyI6ImRjMjIwMTRlNzMwYWZhYTNiMTZlOTQ4ZjkzMzc2OTAzMzc3ODFhMDRhODUxYmEwNTNlZWY2NmE1OGYwOGFmOTcifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:16 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ikw4R2toNVwvVXFwS0xubEdSTzJNOFFnPT0iLCJ2YWx1ZSI6ImxaQ3J6VTVHNUV0ZVJWWmlBdFpSVVBLcnRXaEh3NkZSeEhDR0EzK2hcL3hncnFYS2R4NHhQWDdUQ1hxYzJ1aGh5Szd1eSs3OUpHdmRad2RWNENmenVHdz09IiwibWFjIjoiMjA1ZGZmZjk1YWFlOGU0NzEyNzMwOTM4NDU0MjA0NGQwMzhlZWRkYTE1Zjk3MmEyNmQ2OTM4MDY2ODY1NjUxYyJ9; expires=Tue, 27-Sep-2022 10:33:16 GMT; Max-Age=10800; path=/; httponly
loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D; expires=Sun, 02-Oct-2022 07:33:16 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5319 bytes)
Hash
46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 35039
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7716 bytes)
Hash
8ef8d9284ebd57a7cf76ceb762291356
2b53c4f836970501a682dae07235215c487d35cc
3529ab97ab2214ee9c67ee234beac96cd40f0bd6092b92b71c60956ed5710b41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3823d156-2245-40a3-a9a3-7cb4a5c4a14d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7716
x-amzn-requestid: 1cf0b1c7-4611-40bf-b72a-412ebd03ef79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KguFL7IAMFzKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf137-2b7c15d3071e0266586fd17d;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:23:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZZKUgjmv2njI3xAPo57u0fBKEGqPmMUcWxHYzoSAaVjIIA2Oi0Aw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:03:16 GMT
age: 34201
etag: "2b53c4f836970501a682dae07235215c487d35cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10864 bytes)
Hash
56c3768b851e6a5206cbfbe3f5a97cae
2a2fabd9f9792daf9c058fc754d5616267b703f1
668dba22a0c81c4580637806c293521b176512b18ebcc2fe951be2f27f43134d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334b6513-7266-4f03-aae2-328c1b58a30e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10864
x-amzn-requestid: a6be937a-3e8f-4dad-bbca-f28554f5ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioQqFHsoAMFxXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420d0-78fecb9e2f76416044839a35;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:08:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: l-svEjPVAfeYvCQAHsARjTk9PNdkVGUJA_2415312kWF2x6MDI7o7A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:17:07 GMT
age: 65770
etag: "2a2fabd9f9792daf9c058fc754d5616267b703f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8255 bytes)
Hash
fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 65086
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9163 bytes)
Hash
deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 35039
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

secure.mlstatic.com/sdk/javascript/v1/mercadopago.js

23.36.79.33

200 OK

9.1 kB

URL HTTP/1.1
secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
IP
23.36.79.33:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (25829), with no line terminators
Size
9.1 kB (9065 bytes)
Hash
13e3cc8ff400bf1da09ba98065151e4a
05da8917634372f71cd2f851e42129fecfb2f45f
9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36

HTTP Headers

GET /sdk/javascript/v1/mercadopago.js HTTP/1.1
Host: secure.mlstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "825262-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: d2e52704-7958-472c-b559-cac792b41f98
X-Request-Device-Id: d2e52704-7958-472c-b559-cac792b41f98
X-D2id: d2e52704-7958-472c-b559-cac792b41f98
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
e4501845855e455a3e5006181018bc85
12fd7ddb62602464d02cdbb272135b5e4126e619
3c3dc6ec45037e00f095d4e655d92a679c9c66c1f54f13a1c00d8983f9366fd4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Server: ECS (amb/6BB5)
Content-Length: 280

ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3fe0ad4a6620f4e2fe6f5ff4209ad082
8ae7af61e1a4635898477449dee893c900c7acc1
fe85c3ad96b99ff6320f0b4f438c394e2699dac7f972664150299c824338b4f1

HTTP Headers

POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b851dbca60b0b9a4b1e8e9b6f29a6936
116ac4fa33d24267ac90741194cac6a474c6ab26
0e8d8ccd1dbd8d54d9f62c00a4359957de5956a6aa7ed4b19c6d7ba6da2f4625

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2759
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Last-Modified: Tue, 27 Sep 2022 06:47:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC

142.250.74.164

200 OK

585 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
585 B (585 bytes)
Hash
7d84c4456027d3c2e042f55c624444cb
ae1299213270a14574bac01f8f91d29a4c9ffd7c
5ac486ab075825fc510d276894e2a289866e243bbb1efe2f5246c710f307aae4

HTTP Headers

GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 27 Sep 2022 07:33:18 GMT
date: Tue, 27 Sep 2022 07:33:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

js.upnid.com/v0.js

130.211.14.112

200 OK

8.3 kB

URL HTTP/2
js.upnid.com/v0.js
IP
130.211.14.112:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (23050)
Size
8.3 kB (8310 bytes)
Hash
49fa980f95bb3bbff8b7a2857a727d5d
9e931943f03079522318820948018d78610eaca4
4e295d58275798f67bf7b9c48b8cae16238c9a3dabca082238e7bab8eaa34943

HTTP Headers

GET /v0.js HTTP/1.1
Host: js.upnid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Origin
content-encoding: br
via: 1.1 google
content-length: 8310
date: Tue, 27 Sep 2022 07:25:29 GMT
age: 469
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58b1426c9f85f6f1d0a180ae5983fceb
7d49e932f5bbf2bbe6211b3212560eacfc004656
dc92b3fdcd34f33b5a7c901593be6a677c01d38a9a76d63b5b012863ba2344db

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC92B3FDCD34F33B5A7C901593BE6A677C01D38A9A76D63B5B012863BA2344DB"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13674
Expires: Tue, 27 Sep 2022 11:21:12 GMT
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c46552685e56412345bec820f7b7238
61bb753560bbbba0e27c8d728df191c9b62bad4a
a890e707f4746677b24f6151756878e90c37fdaaec51c81d32f775fff9ddd81b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Server: ECS (amb/6BB5)
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3fe0ad4a6620f4e2fe6f5ff4209ad082
8ae7af61e1a4635898477449dee893c900c7acc1
fe85c3ad96b99ff6320f0b4f438c394e2699dac7f972664150299c824338b4f1

HTTP Headers

POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f5d289b8.png

104.26.3.88

200 OK

9.7 kB

URL HTTP/2
images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f5d289b8.png
IP
104.26.3.88:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
9.7 kB (9665 bytes)
Hash
ff0f08e495143eaeead6e6a41b6f760b
c41983416e217ae3a2cb70578d2e6dfd0299a3ad
dae3f404cc48f14d6a383843f2f9b7feb1cac287453ef167a0e30b684494ee91

HTTP Headers

GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f5d289b8.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: image/png
content-length: 9665
x-amz-id-2: bYYK0NFZ5dNm+0hOiRtWVm56DXbyOJsUswzTjFDPLu2WxLaMGJp2JwJ1UIDCvJUEnFB+Jy8cLE0=
x-amz-request-id: SB6T4EV0GERXNBSW
last-modified: Wed, 05 May 2021 12:28:44 GMT
x-amz-version-id: 9qEFXlq0ADyMSYF5gYLucNhB_XBEjUOM
etag: "ff0f08e495143eaeead6e6a41b6f760b"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8BlvZQgoh4Hsfu78yrgy2dVUFpc5%2B6jgXcIgE2KOL8FtN6g3RYODFMLrHQkp%2Bz%2BKdmFB5v%2B4ySFC2cEEBZ4L6oZkc0rlTY3nHdgNP9GWzJWwzUdO%2FoADbLn7O2rDcb0sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f58b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58b1426c9f85f6f1d0a180ae5983fceb
7d49e932f5bbf2bbe6211b3212560eacfc004656
dc92b3fdcd34f33b5a7c901593be6a677c01d38a9a76d63b5b012863ba2344db

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC92B3FDCD34F33B5A7C901593BE6A677C01D38A9A76D63B5B012863BA2344DB"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13674
Expires: Tue, 27 Sep 2022 11:21:12 GMT
Date: Tue, 27 Sep 2022 07:33:18 GMT
Connection: keep-alive

images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f416bb0a.png

104.26.3.88

200 OK

13 kB

URL HTTP/2
images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f416bb0a.png
IP
104.26.3.88:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (12650 bytes)
Hash
c2c13512498002cecc4b6e7bd5d1be97
69eca78cae5ee4e140ad0786ba2d3880826b047a
d77d7e56eb3e0a1c10c6598ddc3fbe3aae571ca01ce698d90d9c7113e43f4807

HTTP Headers

GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f416bb0a.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: image/png
content-length: 12650
x-amz-id-2: jidSwKwvbpOi6F/rAzudRbjJFbS+o8jBTmcob1aAZUcUfeNToMMN3SHgRl6mnyrbqmc7j48eKeA=
x-amz-request-id: SB6GZ6GJ95BG8YV0
last-modified: Wed, 05 May 2021 12:28:43 GMT
x-amz-version-id: hGr_D3pTlus6Ron3YPdJ9yTXHCo52uOI
etag: "c2c13512498002cecc4b6e7bd5d1be97"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV4fsKPqolTh5i532yQB7ne7Wo3WEl%2BWVxeV%2B3tee0rXhcKeCIPvZ0i6jkmSiz2YJ5eJRzXW2%2FxcsvWX2LI7EfuaZO9dKdaYqNosJnCy0hq%2BviswN9qdG1T64P98VqLHzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f59b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f6a36795.png

104.26.3.88

200 OK

6.4 kB

URL HTTP/2
images.yampi.me/assets/stores/loja-power-oferta/uploads/testimonies/60928f6a36795.png
IP
104.26.3.88:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6352 bytes)
Hash
fda759418a4a2275690f85b43395537c
a0c92823a8f78aab016b093a0798e266ecda1f64
69382d049c1db12654da334c7c836b80d3331f7a833442da7d05eab17806e216

HTTP Headers

GET /assets/stores/loja-power-oferta/uploads/testimonies/60928f6a36795.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: image/png
content-length: 6352
x-amz-id-2: yNG1HtP92MfEYQgmIpUeGzUzM/sb8W79uZDhsKhkDO90U2LP8jqmSYGyt/WH218Wn70QqfFFOoo=
x-amz-request-id: SB6Y4JXGEFMJP922
last-modified: Wed, 05 May 2021 12:28:44 GMT
x-amz-version-id: lBA1PnNwoEc8KVD9DxWPJYu6BOQkCly3
etag: "fda759418a4a2275690f85b43395537c"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk3Yqd5mgV9pPUYlQ2%2Baocs1PomfaytOUILobMJ53dLLVO%2BV5OTO%2FQMuJ10iCOc4%2F7ua3scIGQ3LGoc3bmJq0QFi7RMo9CXyEIXAf%2BV%2BVn02SAWgzRZPze%2BNTEZh10GdMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f5ab52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-K9GXZFM

142.250.74.72

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-K9GXZFM
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2317)
Size
38 kB (37738 bytes)
Hash
c7f3e1bac9c98e24271a148c859b6535
9c941c763fd4a3cf0207f23eda64fa6ffcb23878
89145fd08b95a5c319c116139b93b592baa91fc2a3f5304754d55621525b58b6

HTTP Headers

GET /gtm.js?id=GTM-K9GXZFM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 07:33:19 GMT
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

142.250.74.163

200 OK

34 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size
34 kB (33580 bytes)
Hash
848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

HTTP Headers

GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:19 GMT
expires: Tue, 26 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 37500
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9cd17fdb519b3b2626a025dcfda2aa34
ca1dd7c4986fe9a9b9de8249b828182a00b521d7
8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4276
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:03 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9cd17fdb519b3b2626a025dcfda2aa34
ca1dd7c4986fe9a9b9de8249b828182a00b521d7
8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4276
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9cd17fdb519b3b2626a025dcfda2aa34
ca1dd7c4986fe9a9b9de8249b828182a00b521d7
8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BB5)
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9cd17fdb519b3b2626a025dcfda2aa34
ca1dd7c4986fe9a9b9de8249b828182a00b521d7
8224932f5d642aa9c3a56ba2adad8bdea68ee721716556d33ded1525a1c5e925

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3319
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:38:00 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 471

api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com

52.2.144.69

200 OK

0 B

URL HTTP/2
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com
IP
52.2.144.69:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/devices/widgets?referer=https%3A//seguro.poweroferta.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json
content-length: 0
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-request-id: f0bf382f-03dd-4ca0-ac05-3efd7006f955
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2

api.mercadopago.com/v1/device_sessions/web_device

52.2.144.69

200 OK

0 B

URL HTTP/2
api.mercadopago.com/v1/device_sessions/web_device
IP
52.2.144.69:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: aa9fa67f-566d-4fc3-a717-05f5d2e0b9db
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-81,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: b94903a55c7ae9d1
x-b3-traceid: b94903a55c7ae9d1
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-81: 5pNosscJcyA/g6Z0UOYjArad5E8OwDoTQv42NqDhZ2sUxusVKH/9lQDacXrfEsdF
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c157622abc2881860117a5c511cfd089
4df9c12db30a07cbe0fc2e017ee68f6013eceb67
12f19814e22ece52c6e8f3bd2010d30bd7465b990c9200ab05ac22dc292a1a4b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 07:33:19 GMT
Last-Modified: Tue, 27 Sep 2022 06:22:37 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9wM6gZXYomez9zrwOu5u8sLj0iSUvbvOlc6Bvq9adQhxWLOkT9x7jA==
Age: 4242

cdn.yampi.io/ana/ana.min.js?t=1664323200000

104.18.14.227

200 OK

80 kB

URL HTTP/2
cdn.yampi.io/ana/ana.min.js?t=1664323200000
IP
104.18.14.227:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
80 kB (79994 bytes)
Hash
deb74a4bda9edad6f94841bf04d6dcc3
679dd3a05d6d301b841a6b46cf4169abc0ce1a9c
2dac1e7dbb4b111355add76646f5cd7acbdfeac86e3af2f75083eac09dc5d026

HTTP Headers

GET /ana/ana.min.js?t=1664323200000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/javascript
x-amz-id-2: ltjj2N3u0e5I23d6wZXeX527jCIqgkIqiF15RZjN6hpGlB2fFxL1C98wsStVpGv5WVFi6dixScE=
x-amz-request-id: P8AJQ6PCRBMB1A0B
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 6245
expires: Wed, 27 Sep 2023 07:33:19 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128cea585b0b45-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cecc051994b78bcedcce3fcfc6c4a5f6
37f1a74bb5ccb3769f824f69b0e20024df1b1211
ad1137bc68154183043545a3c538023e999df3abb219411a9b4b633d02511e70

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BB5)
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

2.3 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
2.3 kB (2263 bytes)
Hash
7b608fe6c21672a63e4799163f3dafc0
8b2ab280d4c02e1adf68414692e0c2e1221a8409
db8b0f4a5f61620749926de4f614d99d430626fc6d48332c3cf92c2ceafcc597

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:19 GMT
Server: ECS (amb/6BC8)
Content-Length: 471

s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a66908d1770/60a66908d1775.png

52.95.165.30

200 OK

5.1 kB

URL HTTP/1.1
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a66908d1770/60a66908d1775.png
IP
52.95.165.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 300 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
5.1 kB (5127 bytes)
Hash
37efca6cdf7016a5283d32610c7d7136
08e5eb5c88d6df8fdc5f175dc40084ec2d4e6753
47e4bcfc9ddbe6782376f5fc4ee7bbc0ebe3622ddd92db97b081c885b199478f

HTTP Headers

GET /king-assets.yampi.me/dooki/60a66908d1770/60a66908d1775.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: /1AGoNpRlWT121CEM+1QrWoonuBxkZUN36Vurtc0ytn7vBBQpRqarfQSaM6ts1RAT6ddUTC/fvc=
x-amz-request-id: SNRG4M42HQMHP50C
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Thu, 20 May 2021 13:50:01 GMT
ETag: "37efca6cdf7016a5283d32610c7d7136"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5127

analytics.tiktok.com/api/v2/pixel

23.36.79.17

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 750
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733196C5D97A990C18CCB16A1
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ea278d02bcce6a7c1c6a2ce19064e7996a409a2180e8868c2aa9d3dc5cad3f5947a4277a9e08ee07cd17ae890862a56ab
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:19 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=4, origin; dur=108
x-origin-response-time: 108,23.36.79.13
x-akamai-request-id: 61c44346
X-Firefox-Spdy: h2

analytics.tiktok.com/api/v2/pixel

23.36.79.17

200 OK

258 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
258 B (258 bytes)
Hash
8d60d636e85577ce3fd99b7442628e14
50f734f3fcaf07529fa17f97fc17d6b7332cea39
193b05f825f8032813507c58e6497a15a02dab86b28c683f2ab06a9a126e2853

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 771
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733192F52607DD57104C8B5AA
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eee4eb77576bbf709b14aed2bbcc1e9fec12471740fe85948d8e66ab604510e60c13c03f91eb2829eb04e77e3e5e74f08
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=10, origin; dur=111
x-origin-response-time: 111,23.36.79.13
x-akamai-request-id: 61c443a0
X-Firefox-Spdy: h2

analytics.tiktok.com/api/v2/pixel

23.36.79.17

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 776
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733197AD52F7DF96E27D085CE
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e1b2ad9e28e8d0345b876ee7123314ef1ed6be8237f25e611c5a6bd9c6ce8c3b0551d0f10066168e90bc3d0e39fe6ed4a
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=8, origin; dur=108
x-origin-response-time: 108,23.36.79.13
x-akamai-request-id: 61c443cc
X-Firefox-Spdy: h2

seguro.poweroferta.com/e/t

170.82.173.30

200 OK

20 B

URL HTTP/2
seguro.poweroferta.com/e/t
IP
170.82.173.30:0
ASN
#266444 3L CLOUD INTERNET SERVICES LTDA - EPP

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /e/t HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjcxZWQwZDI5NzZlOWIzYWUiLCJ0ciI6ImQ0M2U2MTcwMjI3MzMwNmM0ZjVjMzk0ODc2NDliOTE3IiwidGkiOjE2NjQyNjM5OTcxMDJ9fQ==
traceparent: 00-d43e61702273306c4f5c39487649b917-71ed0d2976e9b3ae-01
tracestate: 2935249@nr=0-1-2935249-1134170823-71ed0d2976e9b3ae----1664263997102
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlJBcXVWVktkUmJBdm56VG5Hd05ZUUE9PSIsInZhbHVlIjoiVGFFbjFMXC9aV0tDUVJJdllEeGljWktPeEVVbWRma0xJaUVBUjFhNVJtOWVmSGFjY1BoMjdOMEw3SmpCRkg1MElKek4yUFZvSkRlTEhBR2lcL0JcL3VXdlE9PSIsIm1hYyI6ImIyYTI0YzdlOTRlNTgyN2VmNGU3MjFkYzJjMzA5NzJmZGNlZGY2OTE1MjFjYzBiOGJhMWMzY2QwYmIyZDVlNGYifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjloTjFDOCs1MHFJM01VUmhCeVwvUmVRPT0iLCJ2YWx1ZSI6IlhuczVMN1prSE5sZUVJejRTVWdJaUg1eFF3OW4xZG4zZGNQbkpiQVBXdUNnVUkrc1c0XC92XC9XN29EU0xNcmxNeHpFdTBjV1BjRWo5NTZFa20rXC9pV1d3PT0iLCJtYWMiOiI4YTIzMDZlNTQ0YWZhNmNkNjUxZDhkY2IwMjdiYzJjNzkwNGVmOGFjYzQ2YmUyZmI5YmZkOWFiMTU0MDk3M2FjIn0%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRDwsNHh5UFUMGBFZTXQBTAlcCDQUFXFgDFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2

analytics.tiktok.com/api/v2/pixel

23.36.79.17

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 753
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Cookie: _ttp=2FLGYjB2DvHHisjo5Nsk6VTWjMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209270733195EF738149E21C4D08216
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b5599e93bb302ee5fd2c2ef3cde1a86201e3b3d6435b8e128352cefd6d052c427f4f708c5d33d7bc1d2c884eb3413e9d0caca68aeefe6b0da21cf9cb6e8f43cd11
x-origin-response-time: 129,23.218.223.5
x-akamai-request-id: 8c073980.61c44373
expires: Tue, 27 Sep 2022 07:33:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_MISS from a23-218-223-5.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=129, inner; dur=120
x-parent-response-time: 238,23.36.79.13
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

142.250.74.163

200 OK

158 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (826)
Size
158 kB (158248 bytes)
Hash
db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206

HTTP Headers

GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 119245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Tue, 27 Sep 2022 07:06:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 06:41:09 GMT
expires: Tue, 27 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 3131
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.mercadolibre.com/jms/lgz/background/etid

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background/etid
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Tue, 27 Sep 2022 07:33:20 GMT
server: Tengine
set-cookie: _d2id=cbec395f-3e85-461f-a2c5-0658c62f64cf-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:20 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: a5494527-e5d1-4479-9367-8c1c04c0ec8d-1664264000236
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 3
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-request-device-id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-d2id: cbec395f-3e85-461f-a2c5-0658c62f64cf
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: auHdWFay-Oq8UOJXlCvc3ynNaXaYGIDIkeF4Uya3_zJxR4j1y-8BnA==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
17b745b5d3e387127df4aba170081743
e59dc2fcbab312428ac919358c3f8afe301e723b
94b6219f1fdabe19021204226c005ab3f82f148cbfabd240a999f18267895bdb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26840 bytes)
Hash
e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LXIn+4Q9FT6kffLCnZ8LHY5TezvJTRkK9PhdlnZjOAUfvbmUpb+6F1OuMHSKaiU1GRFBKzUpkWEDjyo2wsfVaA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 07:33:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.mercadolibre.com/jms/lgz/background/etid

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background/etid
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Tue, 27 Sep 2022 07:33:20 GMT
server: Tengine
set-cookie: _d2id=23ca88e2-02e0-48b4-819b-5c56a622252e-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:20 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: 52947e23-0c8c-4499-86b3-93840aefdfae-1664264000263
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-request-device-id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-d2id: 23ca88e2-02e0-48b4-819b-5c56a622252e
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jTbc_-P5_1PaUdhHxFsY-93YNs5-AbxGX5a2JlqyI9um28bw4RmaFA==
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.237

302 Found

395 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Size
395 B (395 bytes)
Hash
51b75cefb9d80bb9f60cc67eddaafbb3
ab45ba34cf35b3c79d25ecef416007035fd3e47e
b30eb9562b4291af2e790ada2dc1e649ff302ab26c0f2c3235863bd2f123e5de

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 07:33:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1844807421%3A1664264000309886&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWp0Bl01xEpWwk-7joBP6Cxt0fVoNJLd0Lyazm-hr1MaIkPxydYT76DyTW4fEt2brjgWTxQCyQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-fYpfwBA1fkj9WRWVqQfGkg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:619wdds11r74sCPPayzbo6fKrHT4xA:TPXZjuOleAB5Y4Jc;Path=/;Expires=Thu, 26-Sep-2024 07:33:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Last-Modified: Tue, 27 Sep 2022 05:58:40 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

142.250.74.163

200 OK

24 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (52762), with no line terminators
Size
24 kB (24251 bytes)
Hash
f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921

HTTP Headers

GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:33:30 GMT
expires: Mon, 25 Sep 2023 08:33:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/css
age: 169190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

142.250.74.163

200 OK

158 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (826)
Size
158 kB (158248 bytes)
Hash
db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206

HTTP Headers

GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 119245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&gjid=533826231&_gid=1381695759.1664263998&_u=IEBAAEASAAAAAC~&z=9491708

64.233.162.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&gjid=533826231&_gid=1381695759.1664263998&_u=IEBAAEASAAAAAC~&z=9491708
IP
64.233.162.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&gjid=533826231&_gid=1381695759.1664263998&_u=IEBAAEASAAAAAC~&z=9491708 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://seguro.poweroferta.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=1315918230.1664263998&jid=20689431&gjid=673726524&_gid=1381695759.1664263998&_u=IEHAAEATAAAAAC~&z=738549486

64.233.162.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=1315918230.1664263998&jid=20689431&gjid=673726524&_gid=1381695759.1664263998&_u=IEHAAEATAAAAAC~&z=738549486
IP
64.233.162.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=1315918230.1664263998&jid=20689431&gjid=673726524&_gid=1381695759.1664263998&_u=IEHAAEATAAAAAC~&z=738549486 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://seguro.poweroferta.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&_u=IEBAAEASAAAAAC~&z=80327595

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&_u=IEBAAEASAAAAAC~&z=80327595
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-183377766-1&cid=1315918230.1664263998&jid=2067642057&_u=IEBAAEASAAAAAC~&z=80327595 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 07:33:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a660c65135b/60a660c651361.png

52.95.165.30

200 OK

20 kB

URL HTTP/1.1
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/60a660c65135b/60a660c651361.png
IP
52.95.165.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19789 bytes)
Hash
2b292d04d7ad57117f11085fd1121dd3
5b1be3e2a260486d3f64c3639214a9eab5cecb31
b78d237d9d4713c0be5d036d2ef75aa5e40f291336be2315ae272d5ddc0666ad

HTTP Headers

GET /king-assets.yampi.me/dooki/60a660c65135b/60a660c651361.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: 745YvUSD4lAHEPztP9qBaKEqtR9vya7bayhNaQVj0AZ3Qe9g7ee7zA9pjzzUTWJXumPg9iu3z4g=
x-amz-request-id: MZPPSHJ7BN0MSTSH
Date: Tue, 27 Sep 2022 07:33:21 GMT
Last-Modified: Thu, 20 May 2021 13:14:47 GMT
ETag: "2b292d04d7ad57117f11085fd1121dd3"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 19789

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=640111826659765&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999041&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET

157.240.200.35

200 OK

172 kB

URL HTTP/2
www.facebook.com/tr/?id=640111826659765&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999041&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
172 kB (171746 bytes)
Hash
5a4efaa0054ce59fe80cc9f7e7c9effa
6cf071ebcebe1dc4dcf8e2a5ffa7b65ccdd855c4
c610cef9658321a48eb1d5b17829e17d3ffeb1e2e0de7fb47d2912509a0994dd

HTTP Headers

GET /tr/?id=640111826659765&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999041&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=280392987126699&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999052&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_4agza5soa&tm=1&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=280392987126699&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999052&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_4agza5soa&tm=1&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=280392987126699&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999052&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_4agza5soa&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=275456640976387&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999051&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_khjssd844&tm=1&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=275456640976387&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999051&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_khjssd844&tm=1&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=275456640976387&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999051&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_khjssd844&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=280392987126699&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999047&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=280392987126699&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999047&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=280392987126699&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999047&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=275456640976387&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999043&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=275456640976387&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999043&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=275456640976387&ev=PageView&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999043&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=PageView_weszzz71p&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=640111826659765&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999049&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_nx4txb9r3&tm=1&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=640111826659765&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999049&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_nx4txb9r3&tm=1&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=640111826659765&ev=InitiateCheckout&dl=https%3A%2F%2Fseguro.poweroferta.com%2Fcheckout%2Faddress&rl=&if=false&ts=1664263999049&cd[content_ids]=%5B%226650252099762%22%5D&cd[content_type]=product_group&cd[value]=89.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664263999040.1049690227&it=1664263998302&coo=false&eid=InitiateCheckout_nx4txb9r3&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 07:33:21 GMT
X-Firefox-Spdy: h2

js-agent.newrelic.com/nr-spa-1216.min.js

151.101.86.137

200 OK

18 kB

URL HTTP/2
js-agent.newrelic.com/nr-spa-1216.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32010)
Size
18 kB (18216 bytes)
Hash
6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a

HTTP Headers

GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 07:33:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3122
x-timer: S1664264001.237552,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f62dc7a0694f88dffa1bd8d7099e183c
ed44a31f29d27d93434beb2578299dea3a4e695b
302fb9dc752b866cf3fe89464e02880e622457f3ed430d099da708356c556c99

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2193
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 07:33:21 GMT
Last-Modified: Tue, 27 Sep 2022 06:56:48 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 471

bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=5848&ck=1&ref=https://seguro.poweroferta.com/checkout/address&ap=119&be=2764&fe=5593&dc=3546&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664263993542,%22n%22:0,%22f%22:1692,%22dn%22:1692,%22dne%22:1692,%22c%22:1692,%22s%22:1692,%22ce%22:1692,%22rq%22:1694,%22rp%22:2746,%22rpe%22:2746,%22dl%22:2751,%22di%22:3469,%22ds%22:3545,%22de%22:3586,%22dc%22:5591,%22l%22:5591,%22le%22:5805%7D,%22navigation%22:%7B%7D%7D&fcp=3468&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 07:33:22 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75128cfbfd54b521-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=ba3dd2a8cbb5f780; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6630&ck=1&ref=https://seguro.poweroferta.com/checkout/address

162.247.241.14

200 OK

24 B

URL HTTP/1.1
bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6630&ck=1&ref=https://seguro.poweroferta.com/checkout/address
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHlIGBkcAQEM%3D&rst=6630&ck=1&ref=https://seguro.poweroferta.com/checkout/address HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1026
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 07:33:22 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 75128cfdf860b521-OSL
Access-Control-Allow-Origin: https://seguro.poweroferta.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare

api.mercadopago.com/v1/device_sessions/anonymous_device_session

52.2.144.69

200 OK

0 B

URL HTTP/2
api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP
52.2.144.69:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.poweroferta.com/
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:22 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 06e189b3-d79d-4a47-b5b9-8c2c92b173ef
x-trace-digest-40: XBj/DTvT8DvVjv4C83vNUvpIeE8LK9dO9LckxUckknJLC4sXOoGUqQ2IauFkL18W
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: fcec10ebf2c69062
x-b3-traceid: fcec10ebf2c69062
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2

api.mercadopago.com/v1/device_sessions/anonymous_device_session

52.2.144.69

200 OK

337 B

URL HTTP/2
api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP
52.2.144.69:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (337), with no line terminators
Size
337 B (337 bytes)
Hash
4cb0d12ce0f9fe7437e86df0059b2b7c
5794908d29d7ebf74b9f98826a5a80400c728f55
d6fb3d692e32caecb4c63b1347a1f73b2f23cadeb277ce6d5cd715108e748960

HTTP Headers

POST /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 98
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:23 GMT
content-type: application/json; charset=utf-8
content-length: 337
access-control-allow-origin: https://seguro.poweroferta.com
x-request-id: a3e6556c-5b38-460e-ba27-5207d39b8f08
x-trace-digest-40: SpSBAF2shpqR1R3CItZqgGIU+j1UgLgyzKxeJpXCziNxVKAX6jjecWKdr7WOXKHq
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 9d40564d3bc3adad
x-b3-traceid: 9d40564d3bc3adad
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 07:33:18 GMT
date: Tue, 27 Sep 2022 07:33:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.dooki.com.br/fa/4.7.0/fa.css

104.18.1.53

200 OK

0 B

URL HTTP/2
fonts.dooki.com.br/fa/4.7.0/fa.css
IP
104.18.1.53:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 612
expires: Wed, 05 Oct 2022 07:33:18 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce6ed0b0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.shopify.com/s/files/1/0509/6738/0146/products/2Qr5qIBQjE6N2jF6pJT2EsZgJmuoHP-min_250x250.jpg

104.16.255.71

404 Not Found

0 B

URL HTTP/2
cdn.shopify.com/s/files/1/0509/6738/0146/products/2Qr5qIBQjE6N2jF6pJT2EsZgJmuoHP-min_250x250.jpg
IP
104.16.255.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/files/1/0509/6738/0146/products/2Qr5qIBQjE6N2jF6pJT2EsZgJmuoHP-min_250x250.jpg HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=30
server-timing: imagery;dur=15.762, imageryFetch;dur=15.477
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: b8bd88fc-0f34-407f-bfd8-a53800d3c150
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucJ7Ny%2FP55ri17M6ftmbJlY1hHRFlMyTwJ0oO3u3TteF816xCCZ6aUUjPDow01AeMWLuH23hFcb70NdB09GN6%2Bin4klhwTBJSvHfrJBl1FpdQNNj0TaeqPXWRePm08hI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75128ce72862b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com

52.2.144.69

200 OK

0 B

URL HTTP/2
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.poweroferta.com
IP
52.2.144.69:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /v1/devices/widgets?referer=https%3A//seguro.poweroferta.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: public_get_session_widget
access-control-allow-origin: https://seguro.poweroferta.com
access-control-allow-credentials: true
set-cookie: profile=1664263999494;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
content-encoding: gzip
x-content-type-options: nosniff
x-request-id: 179309ae-51f2-4e59-be32-be0b9582ed4f
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2

www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
set-cookie: _d2id=c0f86630-4b1c-434b-b10f-2420aebb8122-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-request-device-id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-d2id: c0f86630-4b1c-434b-b10f-2420aebb8122
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z7bD9U-CReGMq1DdnvOgoVHSTytAeF5QHE-ag1E5SQOsEdFJwG3v1Q==
X-Firefox-Spdy: h2

www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=0fe2602b-9adb-44d9-8671-9199ae3a4a59-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-request-device-id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-d2id: 0fe2602b-9adb-44d9-8671-9199ae3a4a59
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u6mRKttMRWclId4G18222WUO2yhuekz0_3XaAVMSdo-8hAdFcbT0ew==
X-Firefox-Spdy: h2

www.mercadolibre.com/jms/lgz/background/jsuuid?current=59707a3a-43b9-43ff-b618-e29cb3e1c08f-1664264001774

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background/jsuuid?current=59707a3a-43b9-43ff-b618-e29cb3e1c08f-1664264001774
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jms/lgz/background/jsuuid?current=59707a3a-43b9-43ff-b618-e29cb3e1c08f-1664264001774 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=e321783b-e7d1-4ff8-a83f-ae787fcd8ed5-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
access-control-allow-origin: *
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-request-device-id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-d2id: e321783b-e7d1-4ff8-a83f-ae787fcd8ed5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9DwwBtOM6zQBstwGzVMtLjDbM6fcyk7fTsi9tTnj4mUIFPGuTEKWVg==
X-Firefox-Spdy: h2

awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c

104.26.3.88

200 OK

0 B

URL HTTP/2
awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c
IP
104.26.3.88:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: application/javascript
x-amz-id-2: kiKMcAr44hCS/h/HVY248HvVsZ8c++jxSbplSUA+eauwmt5HsWg8UBb9Ul0Y6kT3rAvxJVfXLU0=
x-amz-request-id: CY4BWHFC5C676757
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: dI9F0vCOZifuvcVSKZO43mZnYXF0Vwno
etag: W/"20baf997b7e31a089f0a9544550cf45a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTWxi4c6tOHzh%2F2z%2Bm9RNVpMD4YgCdOZMxcA%2FSw4uIdpaUU5j0vxd7eB4qMgQ0Hict1BrSMhsO0p0CUrPR1OXrZhzWbGvn6oxR0ItiULWAStufJRq3PrsKWi4Oa2B%2ByxkHZWPT9UfP7q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce69f55b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

seguro.poweroferta.com/e/t

170.82.173.30

200 OK

0 B

URL HTTP/2
seguro.poweroferta.com/e/t
IP
170.82.173.30:0
ASN
#266444 3L CLOUD INTERNET SERVICES LTDA - EPP

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /e/t HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjEwZTg0YTNjMWI0MjMyMGIiLCJ0ciI6ImIzY2M2MzE5YzRmYzNmYmMxOWQ0ZmRlODQ0OTA1MjU0IiwidGkiOjE2NjQyNjM5OTcxMDR9fQ==
traceparent: 00-b3cc6319c4fc3fbc19d4fde844905254-10e84a3c1b42320b-01
tracestate: 2935249@nr=0-1-2935249-1134170823-10e84a3c1b42320b----1664263997104
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 357
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlBGVkprZ1gwZHFwMmdybHFEN3piTlE9PSIsInZhbHVlIjoiNFwvYkpkQnNOQXVkcDFoa3llME9pajhhTnhxdVhaMmtrRFVLd1BcLzQ1TnpFek9Cd3ZvTEk2NHhobGRjWW1Ia2o3NVRndUJsYkg4dG9PRW1LXC82NEVtYlE9PSIsIm1hYyI6ImI4MjI2MmM3ZTIzNTJkMjY5YzcyNzFlNGMwYzAxMmU1ZjAwZDBmMzhhNmU3MDMxOTdmOTYxYWE2ZGZhODZmMDMifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlFMMnZlQitXVHdcL3VwXC8wNzBOaHNrUT09IiwidmFsdWUiOiJyZW5uZTVFVnNnandtZDNOTVpDejdsV1BJRjBcL3Y3Y2s1ekltUFwvN3plUFR1bHBIZ1JKMXgyWm9oenZyWFwvcHN4Vm5rQWJvV2ZyeTlPelc1ZHFvXC9BeXc9PSIsIm1hYyI6IjZmYmUxZTRlMTRlMWExOTkzYmFhNWEzZTQ1ZTNhMWRmMzNiZjM2MTFhZWE2NDQwMDI5NTc0NzllMWUwNDI2MTQifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRAAkMHh5UFUMFWQEHUg4FWQVUDFIDXFVXFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2

seguro.poweroferta.com/cart/recomm

170.82.173.30

200 OK

0 B

URL HTTP/2
seguro.poweroferta.com/cart/recomm
IP
170.82.173.30:0
ASN
#266444 3L CLOUD INTERNET SERVICES LTDA - EPP

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cart/recomm HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImVkM2I0ZDExNWYwZTA1YmMiLCJ0ciI6ImY4YzhlYjRiZjRkYjY1ODhhN2M0NTI2MWYwMjM3NDhjIiwidGkiOjE2NjQyNjM5OTcwOTV9fQ==
traceparent: 00-f8c8eb4bf4db6588a7c45261f023748c-ed3b4d115f0e05bc-01
tracestate: 2935249@nr=0-1-2935249-1134170823-ed3b4d115f0e05bc----1664263997095
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.poweroferta.com/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6InB5QnFYUU1QblFPMzlMdHZxZUNQaGc9PSIsInZhbHVlIjoiSVFXbk5SQW5jaG1aazJDc1B2QU9IOFdCZTJDOTZQalFEUWxGeGhCSWROQ3lWN0F0OG9vN01VaWVWTjlQSm1ORlwvQlhhSjk5QThoVE1UUTNkTFdyd1JBPT0iLCJtYWMiOiI0MWJhYzdjYzAxM2QzYjJlMzk1MTM1NzUzZjI3NGJmM2NhYzE2YTNmYTAxNTIxZTgzMjg2YjMzZTYxYThlZTMxIn0%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlNlbVZhVnlDcDRzd1hQXC9xSmJSekx3PT0iLCJ2YWx1ZSI6IkdkdFUwSmpDUWRcL28yZFFtZ09lUE9QbmVYWE1hS1lwOUQxWjNVRGJKK2pDMCt5aUl0bHpETGVhVkQxb3c2cUFEU1BCemFoRE5Id25cL1JjbXdab1d3MEE9PSIsIm1hYyI6IjM5ODY5ZGRjOGI3MTY5NDk1Nzg5NTQ5NzY5MWM0Nzc3NWI3N2UzNzJjNGVjN2U2MTRhMWVhYjc3MTM1ZDAyMWIifQ%3D%3D; expires=Tue, 27-Sep-2022 10:33:19 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAYFBVIVTABNEQddVAZXUFsIAQhcU1EGCVJESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jms/lgz/background/session/armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI1OTcwN2EzYS00M2I5LTQzZmYtYjYxOC1lMjljYjNlMWMwOGYtMTY2NDI2NDAwMTc3NCIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiYmZlNTBkYjItODYwNS00NWNhLThlMWMtMjM1Nzk1MmFiZGE2LTE2NjQyNjQwMDE3NzQifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
Connection: keep-alive
Cookie: dsid=77d8e28a-f613-46de-854f-0615aa984c89-1664264001787; edsid=5d0f81c3-79f3-4c5b-891d-71a073fe9758-1664264001787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
date: Tue, 27 Sep 2022 07:33:23 GMT
server: Tengine
set-cookie: _d2id=bbdf726c-7e46-4ac6-a267-d2e0eb781598-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:23 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-request-device-id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-d2id: bbdf726c-7e46-4ac6-a267-d2e0eb781598
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 19o_GWMceBvt0RmxV4ZYIiWSEHhRNnCIdcfwl3VTept-qBWuqrSCmQ==
X-Firefox-Spdy: h2

awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b

104.26.3.88

200 OK

0 B

URL HTTP/2
awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b
IP
104.26.3.88:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/css
x-amz-id-2: OyOibZMfkkwB05gPZjuAsZeVUSb0Qjq+xaaRsKOG1t3dnzjziub4AwhX7Cp9nuLlFVGUfHwL6zY=
x-amz-request-id: CY4EYD17YF0TDT82
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: sk8GhqbtozvgmZdvBhWo.6c8nigPYGNS
etag: W/"c1cb1b608993e42920393f83d30bc32b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYY9eSbEL4Z9fhJ5l%2FmXitadyChSONYY%2BQvv%2BPDIKVezCg2floQ8LoeiyXaggiAkfkLlo6SFnOwPS1iFo8ieJ0trglzL4AweECwkgRvLL0gwT%2BQcx3pALjpDpiNRPuwXjPiIuZxk0yDC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75128ce65f23b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.mercadopago.com/v2/security.js

143.204.55.36

200 OK

0 B

URL HTTP/2
www.mercadopago.com/v2/security.js
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 27 Sep 2022 07:33:18 GMT
set-cookie: _d2id=c47e9523-6df1-4f09-b0b5-9fadfcc835d2-n; Path=/; Domain=.mercadopago.com; Expires=Wed, 27 Sep 2023 07:33:18 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-request-device-id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-d2id: c47e9523-6df1-4f09-b0b5-9fadfcc835d2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yySYUlv4D2VUjlKa86mER_ockUqQ2Z49JRSUcjAWVw7VuwmlZzau3g==
X-Firefox-Spdy: h2

api.mercadopago.com/v1/device_sessions/web_device

52.2.144.69

200 OK

0 B

URL HTTP/2
api.mercadopago.com/v1/device_sessions/web_device
IP
52.2.144.69:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.poweroferta.com
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.poweroferta.com
x-request-id: d457d3c4-0b0d-4afa-a915-ccc6f51f351b
x-trace-digest-40: CN1QDKRFaFnNZ8S/TC/SBqiFx1sGiIq+UfQU2jyXwjHE+FpnbqTdwQL+A8VXKyXz
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-40,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 038ba3b06eabdcff
x-b3-traceid: 038ba3b06eabdcff
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1664263999504;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.mercadolivre.com/jms/mlb/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjUyOTQ3ZTIzLTBjOGMtNDQ5OS04NmIzLTkzODQwYWVmZGZhZS0xNjY0MjY0MDAwMjYzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMxLCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NCwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1NiwiaGFzaCI6MjAzLCJ0b3RhbCI6MjAzfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D

143.204.55.53

200 OK

0 B

URL HTTP/2
www.mercadolivre.com/jms/mlb/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjUyOTQ3ZTIzLTBjOGMtNDQ5OS04NmIzLTkzODQwYWVmZGZhZS0xNjY0MjY0MDAwMjYzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMxLCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NCwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1NiwiaGFzaCI6MjAzLCJ0b3RhbCI6MjAzfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jms/mlb/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjUyOTQ3ZTIzLTBjOGMtNDQ5OS04NmIzLTkzODQwYWVmZGZhZS0xNjY0MjY0MDAwMjYzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjMxLCJ3ZWJnbCI6MiwidXNlcmZvbnRzIjo4NCwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1NiwiaGFzaCI6MjAzLCJ0b3RhbCI6MjAzfSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
set-cookie: _d2id=35f51f63-4121-4a76-8084-50c869e85b3c-n; Path=/; Domain=.mercadolivre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-request-device-id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-d2id: 35f51f63-4121-4a76-8084-50c869e85b3c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WTeGyFu5Js12jdFbE8OIw31olnuzBzQC7pD7sRujBT4CE5uZdZd0uA==
X-Firefox-Spdy: h2

seguro.poweroferta.com/checkout/address

170.82.173.30

200 OK

0 B

URL HTTP/2
seguro.poweroferta.com/checkout/address
IP
170.82.173.30:0
ASN
#266444 3L CLOUD INTERNET SERVICES LTDA - EPP

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /checkout/address HTTP/1.1
Host: seguro.poweroferta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InR3VzlsRHNDcTVWdlY1QzRnNXJvZEE9PSIsInZhbHVlIjoia242cVI0aktzSjVCd05MaHpkNXoyd0E3U0c3S0k1dTBLMmhIRjhSeHBVcWNIcDZ1TnN0dHU1QWNWd2lQeTBSNll0RUlkRDB6VXJkeEJLTklvUHNRV3c9PSIsIm1hYyI6ImRjMjIwMTRlNzMwYWZhYTNiMTZlOTQ4ZjkzMzc2OTAzMzc3ODFhMDRhODUxYmEwNTNlZWY2NmE1OGYwOGFmOTcifQ%3D%3D; bubbstore_checkout=eyJpdiI6Ikw4R2toNVwvVXFwS0xubEdSTzJNOFFnPT0iLCJ2YWx1ZSI6ImxaQ3J6VTVHNUV0ZVJWWmlBdFpSVVBLcnRXaEh3NkZSeEhDR0EzK2hcL3hncnFYS2R4NHhQWDdUQ1hxYzJ1aGh5Szd1eSs3OUpHdmRad2RWNENmenVHdz09IiwibWFjIjoiMjA1ZGZmZjk1YWFlOGU0NzEyNzMwOTM4NDU0MjA0NGQwMzhlZWRkYTE1Zjk3MmEyNmQ2OTM4MDY2ODY1NjUxYyJ9; loja-power-oferta_cart=eyJpdiI6IjlZN3ZGbUc3YSszOCtZM1NDOFJYK2c9PSIsInZhbHVlIjoiNmYzd2JMSmZETGI0a1RBTEs3MCs3cEhwbzBwa1BvbWtkWDJScmNHYjJuakl5SldOb0hLUmV0c3JBVUtVYXNPdmpPQ2cweTZaSzJkZnlVbXVnRkY4XC9RPT0iLCJtYWMiOiIwZWVmOGYwMmY4ZDk2OTI1ZTMzNjY3MGUyMjZmZjFjYTRlOGUxOTVlZjQxNjAzYWJlNmJlY2ZlMmJjOTIyZDdkIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 07:33:18 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjJJbjA5aEhFZFFVNUVaV25zdFI2S0E9PSIsInZhbHVlIjoiWm1DNHdSZ1JpYlI2bXJ0Qm5uS2ZSRElQYXF1VzZxXC9YWkRcL3NNZDRhcGF4REUzZTRqRjk5YU5zQStTTUpEUG5nTFVOS1ZTTnhjQ0pTSVl1eXpEUUlxdz09IiwibWFjIjoiMTUxYmViNTg5ZWM2ZTgwYzNhZDcxNTY4MzZmNDhlMjZiMTVjMzBkOTk5N2YzYWY4ZGVlOWEyOWI1ZDgyMGJjYSJ9; expires=Tue, 27-Sep-2022 10:33:17 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjZzeVVBSDdkN1BPVzI5TGRUUURvV2c9PSIsInZhbHVlIjoiUUh5K2ZaQ284YjNxanAyWEtHNnE1VEIrWlwvdWxRT1BZWDlzd3o3dStuSWh4K0l0NnNvc1F3YXo1aDJIZ3lRbGFhXC8zdDJFUDlRam5ydCttczZ5OVdBQT09IiwibWFjIjoiNDZiNzZmZjZlNGVmMGRiNTYzODcyNTA2MGQ0MjYzNmJkYzUyZWQ5ZWZjZDUxNzU2NTZkOWZhNjZkZmQyMjBhMyJ9; expires=Tue, 27-Sep-2022 10:33:17 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2

www.mercadolibre.com/jms/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jms/lgz/background/session/armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a?background=armor.ee9513dd6df0f53992a25e2eac0d411f0022f5e476c6508f50a3d6d22a36760b8dc975a9888a7f6f0ab5c90cd281786ba31937096fe70d9ee6aa6d925944d988af08f12a6ef3dccdf2b4ba05cbca37a95fbadfa16636ce815b9d8d2cb9f1f94e.2f9b8078e369c37d1a54042a6ffdef0a&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 27 Sep 2022 07:33:21 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=a4e60fb6-85d3-4c9f-aad3-098eda39ccaf-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:21 GMT
dsid=1284de78-e194-406f-8574-0a9a093c6c43-1664264001772;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=0f799bde-dd39-4ccc-b62c-0ca5baeb4afa-1664264001772;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 10
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-request-device-id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-d2id: a4e60fb6-85d3-4c9f-aad3-098eda39ccaf
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2VEI6lfY1lsN2St6SwEcCjtFzx-zlOtiStCGwkszEIkimOJFwFnoLA==
X-Firefox-Spdy: h2

analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5ORU1TODNNK397VN700&lib=ttq

23.36.79.17

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5ORU1TODNNK397VN700&lib=ttq
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i18n/pixel/events.js?sdkid=C5ORU1TODNNK397VN700&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20220927073319F6A6A93466948EC88F09
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf600abfded03f52e527228925ae696ca9b54076bbcbc3ea4a0a9b6a20a6c108d96e78cdbebcc0fe81ca5f4179e1a56fe7ab486b3c31347cc1ef0428335df8280aea389f0cc63fce3257bb98ddbc72601655
content-encoding: gzip
x-origin-response-time: 8,23.218.223.21
x-akamai-request-id: 86f8c0.61c43c65
expires: Tue, 27 Sep 2022 07:33:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Sep 2022 07:33:19 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-223-21.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=8, inner; dur=4
x-parent-response-time: 109,23.36.79.13
X-Firefox-Spdy: h2

143.204.55.42

200 OK

0 B

URL HTTP/2
www.mercadolibre.com/jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jms/lgz/background?dps=armor.b8393f970d04cc2c62f2fcee8ec654e293652db1444e90c8f788d893395ca6de208e98fd16ee1e24723943b200fbeeb7d9927cf720573e878767c9ec64ab236037dc69d9cb6c50380761644d71cd2ecc80396e3562c3bc560a5c16ab0cbc8ff5.d31089d97df6a493ee3907d9c9b1e79b HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.poweroferta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/html
date: Tue, 27 Sep 2022 07:33:22 GMT
server: Tengine
set-cookie: _d2id=788f17df-e1a1-4cf9-9d34-9546bf480134-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 27 Sep 2023 07:33:22 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 4
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-request-device-id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-d2id: 788f17df-e1a1-4cf9-9d34-9546bf480134
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LYcqlFGlbF5SktgN0FCDu3ihuBmfIqmbpdKrkgxJpqw4DE-wINV10Q==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (54)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations