Overview

URL linkcurto.co/1vfk0d0oywlc8
IP104.21.81.61
ASNCLOUDFLARENET
Location
Report completed2022-09-24 23:40:27 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-24 2 seguro.lojasmagazinedigital.com/cart/recomm Phishing
2022-09-24 2 seguro.lojasmagazinedigital.com/e/t Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-24 05:36:42 UTC 35.162.203.49
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-24 16:35:09 UTC 142.250.74.164
mnemonic passive DNS api.siteblindado.com (1) 326135 2019-05-16 05:27:10 UTC 2022-09-24 13:43:08 UTC 23.36.79.17
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-24 04:24:09 UTC 64.233.162.156
mnemonic passive DNS www.facebook.com (9) 99 2017-01-30 05:00:00 UTC 2022-09-24 04:14:02 UTC 157.240.200.35
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-24 04:54:11 UTC 151.101.86.137
mnemonic passive DNS github.bubbstore.com (6) 0 2018-10-11 16:37:24 UTC 2022-09-21 03:50:15 UTC 172.67.149.218 Unknown ranking
mnemonic passive DNS awesome-assets.yampi.me (2) 708511 2019-08-08 18:25:49 UTC 2022-09-24 10:25:16 UTC 104.26.2.88
mnemonic passive DNS analytics.tiktok.com (36) 1182 2020-02-29 13:09:05 UTC 2022-09-24 05:57:55 UTC 23.36.79.17
mnemonic passive DNS fonts.dooki.com.br (1) 829308 2018-11-23 22:20:24 UTC 2022-09-24 10:25:16 UTC 104.18.0.53
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-24 19:30:16 UTC 93.184.220.29
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-24 04:30:38 UTC 162.247.241.14
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-09-24 04:21:50 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-24 15:49:37 UTC 143.204.55.115
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-24 04:22:29 UTC 34.120.237.76
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-24 04:21:47 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS s3.sa-east-1.amazonaws.com (2) 60686 2017-11-14 13:15:14 UTC 2022-09-24 10:36:42 UTC 16.12.1.20
mnemonic passive DNS js.upnid.com (1) 0 2020-06-23 15:36:07 UTC 2022-09-24 10:25:16 UTC 130.211.14.112 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-24 19:28:53 UTC 142.250.74.10
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-24 04:22:23 UTC 34.117.237.239
mnemonic passive DNS cdn.shopify.com (1) 2327 2012-06-22 18:37:14 UTC 2022-09-24 08:55:21 UTC 104.16.254.71
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-24 13:20:05 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS linkcurto.co (2) 0 2020-11-27 12:00:42 UTC 2022-09-24 16:33:33 UTC 104.21.81.61 Unknown ranking
mnemonic passive DNS linkcurto.co (2) 0 2020-11-27 12:00:42 UTC 2022-09-24 16:33:33 UTC 172.67.157.46 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-24 04:26:56 UTC 34.160.144.191
mnemonic passive DNS ocsp.pki.goog (13) 175 2017-06-14 07:23:31 UTC 2022-09-24 04:23:20 UTC 142.250.74.3
mnemonic passive DNS seguro.lojasmagazinedigital.com (4) 0 2022-09-03 19:41:22 UTC 2022-09-24 23:40:14 UTC 170.82.173.30 Unknown ranking
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-24 19:39:32 UTC 142.250.74.174
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-24 04:21:59 UTC 157.240.200.14
mnemonic passive DNS cdn.yampi.me (1) 309436 2019-12-08 15:51:20 UTC 2022-09-24 10:25:16 UTC 104.26.2.88


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.81.61

Date UQ / IDS / BL URL IP
2022-11-08 06:55:26 +0000
0 - 0 - 7 linkcurto.co/8l4bnq3zfk004 104.21.81.61
2022-11-08 05:45:25 +0000
0 - 0 - 1 linkcurto.co/esvqjlkdu5cks 104.21.81.61
2022-10-26 05:25:25 +0000
0 - 0 - 4 linkcurto.co/h1lnedorbjsw8 104.21.81.61
2022-10-24 05:40:24 +0000
0 - 0 - 2 linkcurto.co/cpncjttbh008k 104.21.81.61
2022-10-23 22:40:25 +0000
0 - 0 - 2 linkcurto.co/a3jns8tcyawo8 104.21.81.61

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-28 10:32:25 +0000
0 - 0 - 16 www.bokepfilm.com/ 172.67.221.11
2022-11-28 10:29:43 +0000
0 - 0 - 2 www.topoffersus.com/offer/sfs-11-sso?tid=2d92 (...) 172.67.70.199
2022-11-28 10:26:02 +0000
0 - 0 - 1 th72yk1.cn/ 172.67.175.253
2022-11-28 10:25:02 +0000
0 - 0 - 2 id9234342verify.com/login.php 104.21.58.222
2022-11-28 10:23:27 +0000
0 - 0 - 1 www.wompi.la/ 172.67.210.162

Last 5 reports on domain: linkcurto.co

Date UQ / IDS / BL URL IP
2022-11-24 05:00:36 +0000
0 - 0 - 3 linkcurto.co/4cuute3rwbi8c 172.67.157.46
2022-11-08 06:55:26 +0000
0 - 0 - 7 linkcurto.co/8l4bnq3zfk004 104.21.81.61
2022-11-08 05:45:25 +0000
0 - 0 - 1 linkcurto.co/esvqjlkdu5cks 104.21.81.61
2022-10-27 22:42:26 +0000
0 - 0 - 2 linkcurto.co/fccazgrho0g8c 172.67.157.46
2022-10-27 14:37:34 +0000
0 - 0 - 2 linkcurto.co/i5jb1sdfxo8ws 172.67.157.46

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-27 14:31:03 +0000
0 - 0 - 2 seguro.lojasmagazinedigital.com/cart?cart_tok (...) 170.82.173.30
2022-10-25 05:10:34 +0000
0 - 0 - 2 seguro.lojasmagazinedigital.com/cart?cart_tok (...) 170.82.174.30
2022-10-25 05:10:33 +0000
0 - 0 - 2 seguro.lojasmagazinedigital.com/checkout/paym (...) 170.82.174.30
2022-10-24 05:40:24 +0000
0 - 0 - 2 linkcurto.co/cpncjttbh008k 104.21.81.61
2022-10-08 22:26:01 +0000
0 - 0 - 2 seguro.lojasmagazinedigital.com/cart?cart_tok (...) 170.82.174.30


JavaScript

Executed Scripts (49)


Executed Evals (5)

#1 JavaScript::Eval (size: 15551, repeated: 1) - SHA256: 391dcf6365f4c1166d6427eab30eae9c2e563c7d7f62f24d01005a2d9976fdde

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var u = function(D) {
            return D
        },
        O = function(D, J) {
            if (J = (D = null, P.trustedTypes), !J || !J.createPolicy) return D;
            try {
                D = J.createPolicy("bg", {
                    createHTML: u,
                    createScript: u,
                    createScriptURL: u
                })
            } catch (C) {
                P.console && P.console.error(C.message)
            }
            return D
        },
        P = this || self;
    (0, eval)(function(D, J) {
        return (J = O()) && 1 === D.eval(J.createScript("1")) ? function(C) {
            return J.createScript(C)
        } : function(C) {
            return "" + C
        }
    }(P)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var M=function(D,J){D.Y.splice(0,0,J)},E={passive:true,capture:true},De=function(D,J){return[(D(function(u){u(J)}),function(){return J})]},JC=function(D,J,u){if("object"==(u=typeof D,u))if(D){if(D instanceof Array)return"array";if(D instanceof Object)return u;if(J=Object.prototype.toString.call(D),"[object Window]"==J)return"object";if("[object Array]"==J||"number"==typeof D.length&&"undefined"!=typeof D.splice&&"undefined"!=typeof D.propertyIsEnumerable&&!D.propertyIsEnumerable("splice"))return"array";if("[object Function]"==J||"undefined"!=typeof D.call&&"undefined"!=typeof D.propertyIsEnumerable&&!D.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==u&&"undefined"==typeof D.call)return"object";return u},p=function(D){return D.u?Cz(D.S,D):d(true,8,D)},um=function(D){return D},Pj=function(D,J){J.push(D[0]<<24|D[1]<<16|D[2]<<8|D[3]),J.push(D[4]<<24|D[5]<<16|D[6]<<8|D[7]),J.push(D[8]<<24|D[9]<<16|D[10]<<8|D[11])},mM=function(D,J,u,P,g){y(D,(((u=X(D,(P=(u=x((g=J&3,J&=4,D)),x(D)),u)),J)&&(u=O4(""+u)),g)&&y(D,P,N(2,u.length)),P),u)},E4=function(D,J,u,P,g){if((P=D[0],P)==Z)J.v=25,J.i(D);else if(P==l){u=D[1];try{g=J.K||J.i(D)}catch(C){r(J,C),g=J.K}u(g)}else if(P==hC)J.i(D);else if(P==e)J.i(D);else if(P==gc){try{for(g=0;g<J.o.length;g++)try{u=J.o[g],u[0][u[1]](u[2])}catch(C){}}catch(C){}(0,D[J.o=[],1])(function(C,m){J.H(C,true,m)},function(C){(M(J,(C=!J.Y.length,[oq])),C)&&Q(false,J,true)})}else{if(P==V)return g=D[2],W(J,149,D[6]),W(J,138,g),J.i(D);P==oq?(J.O=[],J.W=null,J.J=[]):P==Sy&&"loading"===b.document.readyState&&(J.C=function(C,m){function O(){m||(m=true,C())}b.document.addEventListener("DOMContentLoaded",(m=false,O),E),b.addEventListener("load",O,E)})}},jy=function(D,J){return R[D](R.prototype,{stack:J,pop:J,splice:J,call:J,length:J,document:J,console:J,propertyIsEnumerable:J,prototype:J,floor:J,replace:J,parent:J})},A=function(D,J,u,P,g,C,m,O,h){if(D.A+=(D.V=((h=(O=(J||D.s++,0<D.F)&&D.U&&D.YJ&&1>=D.B&&!D.u&&!D.C&&(!J||1<D.G-P)&&0==document.hidden,(m=4==D.s)||O?D.P():D.I),C=h-D.I,g=C>>14,D.l)&&(D.l^=g*(C<<2)),g)||D.V,g),m||O)D.s=0,D.I=h;if(!O||h-D.N<D.F-(u?255:J?5:2))return false;return D.C=((W(D,(u=X(D,(D.G=P,J?330:41)),41),D.R),D.Y).push([hC,u,J?P+1:P]),Y),true},dc=function(D,J,u,P){for(;J.Y.length;){P=(J.C=null,J.Y).pop();try{u=E4(P,J)}catch(g){r(J,g)}if(D&&J.C){D=J.C,D(function(){Q(true,J,true)});break}}return u},z$=function(D,J,u){return u=R[D.L](D.P$),u[D.L]=function(){return J},u.concat=function(P){J=P},u},Hj=function(D,J,u,P,g,C){for(u=(g=(J=((P=(C=D[pz]||{},x(D)),C).EB=x(D),C.g=[],D.V==D)?(p(D)|0)-1:1,x)(D),0);u<J;u++)C.g.push(x(D));for(C.Z=X(D,P);J--;)C.g[J]=X(D,C.g[J]);return C.W$=X(D,g),C},Q=function(D,J,u,P,g,C){if(J.Y.length){(J.U=!(J.U&&0(),0),J).YJ=u;try{P=J.P(),J.N=P,J.I=P,J.s=0,C=dc(u,J),g=J.P()-J.N,J.T+=g,g<(D?0:10)||0>=J.v--||(g=Math.floor(g),J.J.push(254>=g?g:254))}finally{J.U=false}return C}},n=function(D,J,u,P,g,C){if(!D.j){if((u=X(D,(J=((P=X(D,((C=void 0,u)&&u[0]===L&&(C=u[2],J=u[1],u=void 0),334)),0==P.length)&&(g=X(D,330)>>3,P.push(J,g>>8&255,g&255),void 0!=C&&P.push(C&255)),""),u&&(u.message&&(J+=u.message),u.stack&&(J+=":"+u.stack)),199)),3)<u){D.V=(C=(J=O4((u-=(J=J.slice(0,(u|0)-3),(J.length|0)+3),J)),D).V,D);try{y(D,325,N(2,J.length).concat(J),9)}finally{D.V=C}}W(D,199,u)}},N=function(D,J,u,P){for(P=(D|0)-(u=[],1);0<=P;P--)u[(D|0)-1-(P|0)]=J>>8*P&255;return u},$N=function(D,J,u,P){return(P=T[D.substring(0,3)+"_"])?P(D.substring(3),J,u):De(J,D)},t,qt=function(D,J,u,P){try{P=D[((J|0)+2)%3],D[J]=(D[J]|0)-(D[((J|0)+1)%3]|0)-(P|0)^(1==J?P<<u:P>>>u)}catch(g){throw g;}},x=function(D,J){if(D.u)return Cz(D.S,D);return J=d(true,8,D),J&128&&(J^=128,D=d(true,2,D),J=(J<<2)+(D|0)),J},U4=function(D,J){W(((J.Kr.push(J.W.slice()),J.W)[41]=void 0,J),41,D)},y=function(D,J,u,P,g,C){if(D.V==D)for(C=X(D,J),325==J?(J=function(m,O,h,S){if((S=(O=C.length,(O|0)-4)>>3,C.nr)!=S){C.nr=S,S=(h=[0,0,g[1],g[2]],(S<<3)-4);try{C.Rw=wc(h,vj((S|0)+4,C),vj(S,C))}catch(z){throw z;}}C.push(C.Rw[O&7]^m)},g=X(D,269)):J=function(m){C.push(m)},P&&J(P&255),D=0,P=u.length;D<P;D++)J(u[D])},W=function(D,J,u){if(41==J||330==J)D.W[J]?D.W[J].concat(u):D.W[J]=z$(D,u);else{if(D.j&&504!=J)return;498==J||325==J||294==J||334==J||269==J?D.W[J]||(D.W[J]=xN(D,110,u,J)):D.W[J]=xN(D,89,u,J)}504==J&&(D.l=d(false,32,D),D.X=void 0)},d=function(D,J,u,P,g,C,m,O,h,S,z,H,U,q){if((g=X(u,41),g)>=u.R)throw[L,31];for(z=(h=(O=0,U=J,u.Xu.length),g);0<U;)S=z%8,H=8-(S|0),H=H<U?H:U,q=z>>3,m=u.O[q],D&&(C=u,C.X!=z>>6&&(C.X=z>>6,P=X(C,504),C.D=wc([0,0,P[1],P[2]],C.X,C.l)),m^=u.D[q&h]),z+=H,O|=(m>>8-(S|0)-(H|0)&(1<<H)-1)<<(U|0)-(H|0),U-=H;return W(u,41,(D=O,(g|0)+(J|0))),D},XY=function(D,J){return(J=p(D),J)&128&&(J=J&127|p(D)<<7),J},yP=function(D,J,u,P,g,C){function m(){if(P.V==P){if(P.W){var O=[V,J,u,void 0,g,C,arguments];if(2==D)var h=Q(false,(M(P,O),P),false);else if(1==D){var S=!P.Y.length;(M(P,O),S)&&Q(false,P,false)}else h=E4(O,P);return h}g&&C&&g.removeEventListener(C,m,E)}}return m},rc=function(D,J,u,P,g){for(D.P$=(D.Xu=(D.Sq=fz,D.iS=Nt,D[l]),D.Vv=jy(D.L,{get:function(){return this.concat()}}),R[D.L](D.Vv,{value:{value:{}}})),g=0,P=[];128>g;g++)P[g]=String.fromCharCode(g);(M(D,(M(D,(M(D,(W(D,(a(D,function(C){lm(4,C)},(a((a(D,(a((a(D,function(C,m,O,h){W(C,(h=X(C,(m=(O=(h=x(C),x)(C),x(C)),h)),O=X(C,O),m),+(h==O))},(W(D,199,(a(D,(a(D,function(C,m,O,h){W(C,(O=(h=x(C),m=p(C),x(C)),O),X(C,h)>>>m)},(W(D,485,(W(D,(W(D,269,(W(D,334,(a(D,(a(D,function(C,m,O,h,S,z){if(!A(C,true,true,m)){if("object"==JC((C=(S=X((h=(h=(z=(m=(S=x(C),x(C)),x(C)),x)(C),m=X(C,m),X(C,h)),C),S),X(C,z)),S))){for(O in z=[],S)z.push(O);S=z}for(z=(C=(O=0,0<C?C:1),S.length);O<z;O+=C)m(S.slice(O,(O|0)+(C|0)),h)}},(W(D,(a(D,function(C,m,O,h){if(O=C.Kr.pop()){for(h=p(C);0<h;h--)m=x(C),O[m]=C.W[m];C.W=(O[199]=(O[334]=C.W[334],C.W)[199],O)}else W(C,41,C.R)},(a(D,function(){},(D.B$=(W(D,498,[160,(a((W(D,(a(D,function(C,m,O){A(C,true,false,m)||(m=x(C),O=x(C),W(C,O,function(h){return eval(h)}(FY(X(C.V,m)))))},(W(D,(a(D,function(C,m,O,h,S,z){A(C,true,false,m)||(h=Hj(C.V),z=h.Z,S=h.W$,m=h.EB,h=h.g,O=h.length,z=0==O?new S[z]:1==O?new S[z](h[0]):2==O?new S[z](h[0],h[1]):3==O?new S[z](h[0],h[1],h[2]):4==O?new S[z](h[0],h[1],h[2],h[3]):2(),W(C,m,z))},(a(D,function(C,m,O){W((m=(O=x(C),x(C)),C),m,""+X(C,O))},(a(D,function(C,m,O,h){!A(C,true,false,m)&&(m=Hj(C),h=m.Z,O=m.W$,C.V==C||h==C.Lr&&O==C)&&(W(C,m.EB,h.apply(O,m.g)),C.I=C.P())},(((a(D,function(C,m,O,h,S){W(C,(O=X(C,(S=X(C,(h=X(C,(S=(h=(O=(m=x(C),x(C)),x(C)),x(C)),h)),S)),O)),m),yP(S,O,h,C))},(a(D,(a(D,function(C,m,O,h,S){(m=X(C,(h=(S=X(C,(O=(m=(O=x(C),S=x(C),h=x(C),x)(C),X(C.V,O)),S)),X(C,h)),m)),0!==O)&&(m=yP(1,h,m,C,O,S),O.addEventListener(S,m,E),W(C,298,[O,S,m]))},(((a(D,function(C,m,O){W(C,(m=(O=x((m=x(C),C)),X(C,m)),m=JC(m),O),m)},(a(D,function(C,m,O,h){O=X(C,(h=X(C,(m=x((O=x(C),C)),m)),O)),W(C,m,h+O)},(a((a((a(D,function(C,m,O,h,S,z,H){for(H=X(C,(m=(h=x(C),XY)(C),O="",245)),S=H.length,z=0;m--;)z=((z|0)+(XY(C)|0))%S,O+=P[H[z]];W(C,h,O)},(D.xJ=(W((D.tf=(D.YJ=(D.OB=0,D.v=25,(D.J=[],D.X=void 0,D).G=8001,(D.Lr=function(C){this.V=C},D).N=(D.D=(D.s=void 0,D.C=null,void 0),D.O=[],D.W=(D.F=0,g=((D.Y=[],D).I=0,window.performance||{}),[]),D.B=0,D.S=void 0,D.T=0,0),D.l=(D.R=0,D.j=false,void 0),D.Kr=((D.o=[],D.A=1,D).u=void 0,[]),false),D.K=void 0,D.U=(D.V=D,false),g.timeOrigin||(g.timing||{}).navigationStart)||0,W(D,41,0),D),330,0),a(D,function(C){mM(C,4)},128),0),259)),D),function(C,m,O,h,S,z,H,U,q,v,f,w){function B(F,k){for(;U<F;)S|=p(C)<<U,U+=8;return S>>=(U-=F,k=S&(1<<F)-1,F),k}for(f=(z=(S=U=(m=x(C),0),(B(3)|0)+1),q=B(5),[]),O=v=0;v<q;v++)w=B(1),f.push(w),O+=w?0:1;for(H=(O=(v=((O|0)-1).toString(2).length,0),[]);O<q;O++)f[O]||(H[O]=B(v));for(v=0;v<q;v++)f[v]&&(H[v]=x(C));for(h=[];z--;)h.push(X(C,x(C)));a(C,function(F,k,c,Mt,G){for(G=(Mt=(c=0,[]),[]);c<q;c++){if(!(k=H[c],f)[c]){for(;k>=G.length;)G.push(x(F));k=G[k]}Mt.push(k)}F.S=(F.u=z$(F,h.slice()),z$)(F,Mt)},m)},224),D),function(C){mM(C,3)},349),307)),273)),W)(D,138,{}),W)(D,132,173),321)),function(C,m,O,h){W(C,(O=x((h=(m=x(C),x)(C),C)),O),X(C,m)||X(C,h))}),236),455)),a)(D,function(C){Ze(4,C)},487),D).NU=0,210)),a(D,function(C,m){U4((m=X(C,x(C)),m),C.V)},85),198)),46)),294),[]),70)),298),0),D),function(C,m,O){(O=(O=x((m=x(C),C)),X)(C,O),0!=X(C,m))&&W(C,41,O)},474),0),0]),a(D,function(C,m,O,h,S){for(O=(h=(m=x(C),XY(C)),[]),S=0;S<h;S++)O.push(p(C));W(C,m,O)},176),0),462)),171)),117),b),178)),function(C,m,O,h){W((m=X(C,(O=X(C,(h=x((m=x((O=x(C),C)),C)),O)),m)),C),h,O[m])}),303),[])),[0,0,0])),67),D),0)),119)),function(C,m){(C=(m=x(C),X(C.V,m)),C[0]).removeEventListener(C[1],C[2],E)}),322),2048)),59)),D),function(C){lm(1,C)},410),function(C,m,O,h){h=x((O=x((m=x(C),C)),C)),C.V==C&&(h=X(C,h),O=X(C,O),X(C,m)[O]=h,504==m&&(C.X=void 0,2==O&&(C.l=d(false,32,C),C.X=void 0)))}),509),D),function(C,m,O,h){W(C,(h=X(C,(O=X(C,(O=x((h=x(C),C)),m=x(C),O)),h)),m),h in O|0)},364),94)),325),K(4)),[Sy])),[e,u])),[gc,J])),Q)(true,D,true)},b=this||self,Cz=function(D,J){return(D=D.create().shift(),J.u.create()).length||J.S.create().length||(J.S=void 0,J.u=void 0),D},xN=function(D,J,u,P,g,C,m,O){return m=(u=[60,14,-7,(g=(O=kN,J&7),-88),72,42,u,25,-3,34],R[D.L](D.Vv)),m[D.L]=function(h){g+=6+7*J,C=h,g&=7},m.concat=function(h){return(h=(C=(h=-476*P*C+g-(h=P%16+1,h*C)+u[g+19&7]*P*h+(O()|0)*h+4*P*P*h+34*C*C- -1496*C-136*P*P*C,void 0),u[h]),u[(g+29&7)+(J&2)]=h,u)[g+(J&2)]=14,h},m},X=function(D,J){if(void 0===(D=D.W[J],D))throw[L,30,J];if(D.value)return D.create();return(D.create(4*J*J+14*J+-44),D).prototype},O4=function(D,J,u,P,g){for(g=(J=(D=D.replace(/\\r\\n/g,"\\n"),[]),u=0);g<D.length;g++)P=D.charCodeAt(g),128>P?J[u++]=P:(2048>P?J[u++]=P>>6|192:(55296==(P&64512)&&g+1<D.length&&56320==(D.charCodeAt(g+1)&64512)?(P=65536+((P&1023)<<10)+(D.charCodeAt(++g)&1023),J[u++]=P>>18|240,J[u++]=P>>12&63|128):J[u++]=P>>12|224,J[u++]=P>>6&63|128),J[u++]=P&63|128);return J},Ze=function(D,J,u,P){for(P=x(J),u=0;0<D;D--)u=u<<8|p(J);W(J,P,u)},lm=function(D,J,u,P){y(J,(u=x(J),P=x(J),P),N(D,X(J,u)))},K=function(D,J){for(J=[];D--;)J.push(255*Math.random()|0);return J},ey=function(D,J,u){if(3==D.length){for(u=0;3>u;u++)J[u]+=D[u];for(u=[13,8,13,12,(D=0,16),5,3,10,15];9>D;D++)J[3](J,D%3,u[D])}},a=function(D,J,u){(W(D,u,J),J)[Sy]=2796},wc=function(D,J,u,P,g){for(D=D[g=0,P=D[2]|0,3]|0;14>g;g++)J=J>>>8|J<<24,D=D>>>8|D<<24,D+=P|0,J+=u|0,J^=P+3261,u=u<<3|u>>>29,D^=g+3261,P=P<<3|P>>>29,u^=J,P^=D;return[u>>>24&255,u>>>16&255,u>>>8&255,u>>>0&255,J>>>24&255,J>>>16&255,J>>>8&255,J>>>0&255]},r=function(D,J){D.K=((D.K?D.K+"~":"E:")+J.message+":"+J.stack).slice(0,2048)},QP=function(D,J,u,P,g,C){if(!D.K){D.B++;try{for(g=(P=(u=0,void 0),D.R);--J;)try{if(C=void 0,D.u)P=Cz(D.u,D);else{if((u=X(D,41),u)>=g)break;P=(C=(W(D,330,u),x(D)),X(D,C))}A(D,(P&&P[oq]&2048?P(D,J):n(D,0,[L,21,C]),false),false,J)}catch(m){X(D,132)?n(D,22,m):W(D,132,m)}if(!J){if(D.aw){(D.B--,QP)(D,439541719848);return}n(D,0,[L,33])}}catch(m){try{n(D,22,m)}catch(O){r(D,O)}}D.B--}},im=function(D,J,u){return D.H(function(P){u=P},false,J),u},Y=b.requestIdleCallback?function(D){requestIdleCallback(function(){D()},{timeout:4})}:b.setImmediate?function(D){setImmediate(D)}:function(D){setTimeout(D,0)},vj=function(D,J){return J[D]<<24|J[(D|0)+1]<<16|J[(D|0)+2]<<8|J[(D|0)+3]},I=function(D,J,u){u=this;try{rc(this,J,D)}catch(P){r(this,P),J(function(g){g(u.K)})}},VP=function(D,J,u,P){function g(){}return P=$N(D,function(C){g&&(J&&Y(J),u=C,g(),g=void 0)},(u=void 0,!!J))[0],{invoke:function(C,m,O,h){function S(){u(function(z){Y(function(){C(z)})},O)}if(!m)return m=P(O),C&&C(m),m;u?S():(h=g,g=function(){h(),Y(S)})}}},Bj=function(D,J){if((D=(J=b.trustedTypes,null),!J)||!J.createPolicy)return D;try{D=J.createPolicy("bg",{createHTML:um,createScript:um,createScriptURL:um})}catch(u){b.console&&b.console.error(u.message)}return D},T,Wj=function(D,J,u,P){return X(u,(W(u,41,(QP(u,(P=X(u,41),u.O&&P<u.R?(W(u,41,u.R),U4(D,u)):W(u,41,D),J)),P)),138))},pz=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),hC=[],L={},gc=(I.prototype.zn=void 0,I.prototype.m3=void 0,I.prototype.h="toString",[]),oq=[],Sy=[],Z=[],l=(I.prototype.aw=false,[]),V=[],e=[],R=(((((t=(Pj,K,qt,ey,I).prototype,t).H=function(D,J,u,P,g){if(u="array"===JC(u)?u:[u],this.K)D(this.K);else try{g=!this.Y.length,P=[],M(this,[Z,P,u]),M(this,[l,D,P]),J&&!g||Q(true,this,J)}catch(C){r(this,C),D(this.K)}},t.P=(window.performance||{}).now?function(){return this.tf+window.performance.now()}:function(){return+new Date},t).Iw=function(D,J,u,P,g,C){for(u=(C=[],P=0);u<D.length;u++)for(P+=J,g=g<<J|D[u];7<P;)P-=8,C.push(g>>P&255);return C},t).Qv=function(){return Math.floor(this.P())},t.lS=function(D,J,u){return D^(J^=J<<13,J^=J>>17,(J=(J^J<<5)&u)||(J=1),J)},I.prototype).L="create",t.wy=function(D,J,u,P,g){for(P=g=0;g<D.length;g++)P+=D.charCodeAt(g),P+=P<<10,P^=P>>6;return D=(P+=P<<3,P^=P>>11,P+(P<<15))>>>0,g=new Number(D&(1<<J)-1),g[0]=(D>>>J)%u,g},L.constructor),kN=(t.gy=function(){return Math.floor(this.T+(this.P()-this.N))},void 0),Nt=(I.prototype.i=function(D,J){return D=(kN=function(){return D==J?-44:-78},J={},{}),function(u,P,g,C,m,O,h,S,z,H,U,q,v,f,w){D=(m=D,J);try{if(f=u[0],f==e){O=u[1];try{for(w=(q=(P=g=0,atob(O)),[]);P<q.length;P++)h=q.charCodeAt(P),255<h&&(w[g++]=h&255,h>>=8),w[g++]=h;W(this,(this.R=(this.O=w,this).O.length<<3,504),[0,0,0])}catch(B){n(this,17,B);return}QP(this,8001)}else if(f==Z)u[1].push(X(this,199),X(this,294).length,X(this,498).length,X(this,325).length),W(this,138,u[2]),this.W[217]&&Wj(X(this,217),8001,this);else{if(f==l){this.V=(z=(C=N(2,((g=u[2],X)(this,498).length|0)+2),this.V),this);try{H=X(this,334),0<H.length&&y(this,498,N(2,H.length).concat(H),10),y(this,498,N(1,this.A),109),y(this,498,N(1,this[l].length)),q=0,q+=X(this,485)&2047,U=X(this,325),q-=(X(this,498).length|0)+5,4<U.length&&(q-=(U.length|0)+3),0<q&&y(this,498,N(2,q).concat(K(q)),15),4<U.length&&y(this,498,N(2,U.length).concat(U),156)}finally{this.V=z}if(v=((((w=K(2).concat(X(this,498)),w)[1]=w[0]^6,w)[3]=w[1]^C[0],w)[4]=w[1]^C[1],this.uS(w)))v="!"+v;else for(q=0,v="";q<w.length;q++)S=w[q][this.h](16),1==S.length&&(S="0"+S),v+=S;return X((X(this,(X(this,((P=v,W)(this,199,g.shift()),294)).length=g.shift(),498)).length=g.shift(),this),325).length=g.shift(),P}if(f==hC)Wj(u[1],u[2],this);else if(f==V)return Wj(u[1],8001,this)}}finally{D=m}}}(),/./),fz,bm=(I.prototype.Cr=(I.prototype[gc]=[0,0,1,1,0,1,1],(I.prototype.uS=function(D,J,u,P){if(J=window.btoa){for(P=(u=0,"");u<D.length;u+=8192)P+=String.fromCharCode.apply(null,D.slice(u,u+8192));D=J(P).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else D=void 0;return D},I.prototype).UB=0,0),e).pop.bind(I.prototype[Z]),FY=((fz=jy(I.prototype.L,(Nt[I.prototype.h]=bm,{get:bm})),I).prototype.MU=void 0,function(D,J){return(J=Bj())&&1===D.eval(J.createScript("1"))?function(u){return J.createScript(u)}:function(u){return""+u}})(b);40<(T=b.botguard||(b.botguard={}),T.m)||(T.m=41,T.bg=VP,T.a=$N),T.fBW_=function(D,J,u){return[(u=new I(D,J),function(P){return im(u,P)})]};}).call(this);'));
}).call(this);
                                    

#2 JavaScript::Eval (size: 64, repeated: 1) - SHA256: fa8cf4d758bc351b80d58fb3adc340342d4662dec22de0db7b51e1a5348972c7

                                        0,
function(C, m, O) {
    W(C, (O = (m = x((O = x(C), C)), C).W[O] && X(C, O), m), O)
}
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: f2eead9b8c258f71b9b23b43d9a8cf400c72342d7be7a5b6f16a70dddc5f9196

                                        0,
function(C) {
    Ze(2, C)
}
                                    

#4 JavaScript::Eval (size: 20578, repeated: 1) - SHA256: 2140f30ac264c0c0c97d953d60e749ca2121905dd03606461c6574eb2305ea20

                                        (function() {
    var M = function(D, J) {
            D.Y.splice(0, 0, J)
        },
        E = {
            passive: true,
            capture: true
        },
        De = function(D, J) {
            return [(D(function(u) {
                u(J)
            }), function() {
                return J
            })]
        },
        JC = function(D, J, u) {
            if ("object" == (u = typeof D, u))
                if (D) {
                    if (D instanceof Array) return "array";
                    if (D instanceof Object) return u;
                    if (J = Object.prototype.toString.call(D), "[object Window]" == J) return "object";
                    if ("[object Array]" == J || "number" == typeof D.length && "undefined" != typeof D.splice && "undefined" != typeof D.propertyIsEnumerable && !D.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == J || "undefined" != typeof D.call && "undefined" != typeof D.propertyIsEnumerable && !D.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == u && "undefined" == typeof D.call) return "object";
            return u
        },
        p = function(D) {
            return D.u ? Cz(D.S, D) : d(true, 8, D)
        },
        um = function(D) {
            return D
        },
        Pj = function(D, J) {
            J.push(D[0] << 24 | D[1] << 16 | D[2] << 8 | D[3]), J.push(D[4] << 24 | D[5] << 16 | D[6] << 8 | D[7]), J.push(D[8] << 24 | D[9] << 16 | D[10] << 8 | D[11])
        },
        mM = function(D, J, u, P, g) {
            y(D, (((u = X(D, (P = (u = x((g = J & 3, J &= 4, D)), x(D)), u)), J) && (u = O4("" + u)), g) && y(D, P, N(2, u.length)), P), u)
        },
        E4 = function(D, J, u, P, g) {
            if ((P = D[0], P) == Z) J.v = 25, J.i(D);
            else if (P == l) {
                u = D[1];
                try {
                    g = J.K || J.i(D)
                } catch (C) {
                    r(J, C), g = J.K
                }
                u(g)
            } else if (P == hC) J.i(D);
            else if (P == e) J.i(D);
            else if (P == gc) {
                try {
                    for (g = 0; g < J.o.length; g++) try {
                        u = J.o[g], u[0][u[1]](u[2])
                    } catch (C) {}
                } catch (C) {}(0, D[J.o = [], 1])(function(C, m) {
                    J.H(C, true, m)
                }, function(C) {
                    (M(J, (C = !J.Y.length, [oq])), C) && Q(false, J, true)
                })
            } else {
                if (P == V) return g = D[2], W(J, 149, D[6]), W(J, 138, g), J.i(D);
                P == oq ? (J.O = [], J.W = null, J.J = []) : P == Sy && "loading" === b.document.readyState && (J.C = function(C, m) {
                    function O() {
                        m || (m = true, C())
                    }
                    b.document.addEventListener("DOMContentLoaded", (m = false, O), E), b.addEventListener("load", O, E)
                })
            }
        },
        jy = function(D, J) {
            return R[D](R.prototype, {
                stack: J,
                pop: J,
                splice: J,
                call: J,
                length: J,
                document: J,
                console: J,
                propertyIsEnumerable: J,
                prototype: J,
                floor: J,
                replace: J,
                parent: J
            })
        },
        A = function(D, J, u, P, g, C, m, O, h) {
            if (D.A += (D.V = ((h = (O = (J || D.s++, 0 < D.F) && D.U && D.YJ && 1 >= D.B && !D.u && !D.C && (!J || 1 < D.G - P) && 0 == document.hidden, (m = 4 == D.s) || O ? D.P() : D.I), C = h - D.I, g = C >> 14, D.l) && (D.l ^= g * (C << 2)), g) || D.V, g), m || O) D.s = 0, D.I = h;
            if (!O || h - D.N < D.F - (u ? 255 : J ? 5 : 2)) return false;
            return D.C = ((W(D, (u = X(D, (D.G = P, J ? 330 : 41)), 41), D.R), D.Y).push([hC, u, J ? P + 1 : P]), Y), true
        },
        dc = function(D, J, u, P) {
            for (; J.Y.length;) {
                P = (J.C = null, J.Y).pop();
                try {
                    u = E4(P, J)
                } catch (g) {
                    r(J, g)
                }
                if (D && J.C) {
                    D = J.C, D(function() {
                        Q(true, J, true)
                    });
                    break
                }
            }
            return u
        },
        z$ = function(D, J, u) {
            return u = R[D.L](D.P$), u[D.L] = function() {
                return J
            }, u.concat = function(P) {
                J = P
            }, u
        },
        Hj = function(D, J, u, P, g, C) {
            for (u = (g = (J = ((P = (C = D[pz] || {}, x(D)), C).EB = x(D), C.g = [], D.V == D) ? (p(D) | 0) - 1 : 1, x)(D), 0); u < J; u++) C.g.push(x(D));
            for (C.Z = X(D, P); J--;) C.g[J] = X(D, C.g[J]);
            return C.W$ = X(D, g), C
        },
        Q = function(D, J, u, P, g, C) {
            if (J.Y.length) {
                (J.U = !(J.U && 0(), 0), J).YJ = u;
                try {
                    P = J.P(), J.N = P, J.I = P, J.s = 0, C = dc(u, J), g = J.P() - J.N, J.T += g, g < (D ? 0 : 10) || 0 >= J.v-- || (g = Math.floor(g), J.J.push(254 >= g ? g : 254))
                } finally {
                    J.U = false
                }
                return C
            }
        },
        n = function(D, J, u, P, g, C) {
            if (!D.j) {
                if ((u = X(D, (J = ((P = X(D, ((C = void 0, u) && u[0] === L && (C = u[2], J = u[1], u = void 0), 334)), 0 == P.length) && (g = X(D, 330) >> 3, P.push(J, g >> 8 & 255, g & 255), void 0 != C && P.push(C & 255)), ""), u && (u.message && (J += u.message), u.stack && (J += ":" + u.stack)), 199)), 3) < u) {
                    D.V = (C = (J = O4((u -= (J = J.slice(0, (u | 0) - 3), (J.length | 0) + 3), J)), D).V, D);
                    try {
                        y(D, 325, N(2, J.length).concat(J), 9)
                    } finally {
                        D.V = C
                    }
                }
                W(D, 199, u)
            }
        },
        N = function(D, J, u, P) {
            for (P = (D | 0) - (u = [], 1); 0 <= P; P--) u[(D | 0) - 1 - (P | 0)] = J >> 8 * P & 255;
            return u
        },
        $N = function(D, J, u, P) {
            return (P = T[D.substring(0, 3) + "_"]) ? P(D.substring(3), J, u) : De(J, D)
        },
        t, qt = function(D, J, u, P) {
            try {
                P = D[((J | 0) + 2) % 3], D[J] = (D[J] | 0) - (D[((J | 0) + 1) % 3] | 0) - (P | 0) ^ (1 == J ? P << u : P >>> u)
            } catch (g) {
                throw g;
            }
        },
        x = function(D, J) {
            if (D.u) return Cz(D.S, D);
            return J = d(true, 8, D), J & 128 && (J ^= 128, D = d(true, 2, D), J = (J << 2) + (D | 0)), J
        },
        U4 = function(D, J) {
            W(((J.Kr.push(J.W.slice()), J.W)[41] = void 0, J), 41, D)
        },
        y = function(D, J, u, P, g, C) {
            if (D.V == D)
                for (C = X(D, J), 325 == J ? (J = function(m, O, h, S) {
                        if ((S = (O = C.length, (O | 0) - 4) >> 3, C.nr) != S) {
                            C.nr = S, S = (h = [0, 0, g[1], g[2]], (S << 3) - 4);
                            try {
                                C.Rw = wc(h, vj((S | 0) + 4, C), vj(S, C))
                            } catch (z) {
                                throw z;
                            }
                        }
                        C.push(C.Rw[O & 7] ^ m)
                    }, g = X(D, 269)) : J = function(m) {
                        C.push(m)
                    }, P && J(P & 255), D = 0, P = u.length; D < P; D++) J(u[D])
        },
        W = function(D, J, u) {
            if (41 == J || 330 == J) D.W[J] ? D.W[J].concat(u) : D.W[J] = z$(D, u);
            else {
                if (D.j && 504 != J) return;
                498 == J || 325 == J || 294 == J || 334 == J || 269 == J ? D.W[J] || (D.W[J] = xN(D, 110, u, J)) : D.W[J] = xN(D, 89, u, J)
            }
            504 == J && (D.l = d(false, 32, D), D.X = void 0)
        },
        d = function(D, J, u, P, g, C, m, O, h, S, z, H, U, q) {
            if ((g = X(u, 41), g) >= u.R) throw [L, 31];
            for (z = (h = (O = 0, U = J, u.Xu.length), g); 0 < U;) S = z % 8, H = 8 - (S | 0), H = H < U ? H : U, q = z >> 3, m = u.O[q], D && (C = u, C.X != z >> 6 && (C.X = z >> 6, P = X(C, 504), C.D = wc([0, 0, P[1], P[2]], C.X, C.l)), m ^= u.D[q & h]), z += H, O |= (m >> 8 - (S | 0) - (H | 0) & (1 << H) - 1) << (U | 0) - (H | 0), U -= H;
            return W(u, 41, (D = O, (g | 0) + (J | 0))), D
        },
        XY = function(D, J) {
            return (J = p(D), J) & 128 && (J = J & 127 | p(D) << 7), J
        },
        yP = function(D, J, u, P, g, C) {
            function m() {
                if (P.V == P) {
                    if (P.W) {
                        var O = [V, J, u, void 0, g, C, arguments];
                        if (2 == D) var h = Q(false, (M(P, O), P), false);
                        else if (1 == D) {
                            var S = !P.Y.length;
                            (M(P, O), S) && Q(false, P, false)
                        } else h = E4(O, P);
                        return h
                    }
                    g && C && g.removeEventListener(C, m, E)
                }
            }
            return m
        },
        rc = function(D, J, u, P, g) {
            for (D.P$ = (D.Xu = (D.Sq = fz, D.iS = Nt, D[l]), D.Vv = jy(D.L, {get: function() {
                        return this.concat()
                    }
                }), R[D.L](D.Vv, {
                    value: {
                        value: {}
                    }
                })), g = 0, P = []; 128 > g; g++) P[g] = String.fromCharCode(g);
            (M(D, (M(D, (M(D, (W(D, (a(D, function(C) {
                lm(4, C)
            }, (a((a(D, (a((a(D, function(C, m, O, h) {
                W(C, (h = X(C, (m = (O = (h = x(C), x)(C), x(C)), h)), O = X(C, O), m), +(h == O))
            }, (W(D, 199, (a(D, (a(D, function(C, m, O, h) {
                W(C, (O = (h = x(C), m = p(C), x(C)), O), X(C, h) >>> m)
            }, (W(D, 485, (W(D, (W(D, 269, (W(D, 334, (a(D, (a(D, function(C, m, O, h, S, z) {
                if (!A(C, true, true, m)) {
                    if ("object" == JC((C = (S = X((h = (h = (z = (m = (S = x(C), x(C)), x(C)), x)(C), m = X(C, m), X(C, h)), C), S), X(C, z)), S))) {
                        for (O in z = [], S) z.push(O);
                        S = z
                    }
                    for (z = (C = (O = 0, 0 < C ? C : 1), S.length); O < z; O += C) m(S.slice(O, (O | 0) + (C | 0)), h)
                }
            }, (W(D, (a(D, function(C, m, O, h) {
                if (O = C.Kr.pop()) {
                    for (h = p(C); 0 < h; h--) m = x(C), O[m] = C.W[m];
                    C.W = (O[199] = (O[334] = C.W[334], C.W)[199], O)
                } else W(C, 41, C.R)
            }, (a(D, function() {}, (D.B$ = (W(D, 498, [160, (a((W(D, (a(D, function(C, m, O) {
                A(C, true, false, m) || (m = x(C), O = x(C), W(C, O, function(h) {
                    return eval(h)
                }(FY(X(C.V, m)))))
            }, (W(D, (a(D, function(C, m, O, h, S, z) {
                A(C, true, false, m) || (h = Hj(C.V), z = h.Z, S = h.W$, m = h.EB, h = h.g, O = h.length, z = 0 == O ? new S[z] : 1 == O ? new S[z](h[0]) : 2 == O ? new S[z](h[0], h[1]) : 3 == O ? new S[z](h[0], h[1], h[2]) : 4 == O ? new S[z](h[0], h[1], h[2], h[3]) : 2(), W(C, m, z))
            }, (a(D, function(C, m, O) {
                W((m = (O = x(C), x(C)), C), m, "" + X(C, O))
            }, (a(D, function(C, m, O, h) {
                !A(C, true, false, m) && (m = Hj(C), h = m.Z, O = m.W$, C.V == C || h == C.Lr && O == C) && (W(C, m.EB, h.apply(O, m.g)), C.I = C.P())
            }, (((a(D, function(C, m, O, h, S) {
                W(C, (O = X(C, (S = X(C, (h = X(C, (S = (h = (O = (m = x(C), x(C)), x(C)), x(C)), h)), S)), O)), m), yP(S, O, h, C))
            }, (a(D, (a(D, function(C, m, O, h, S) {
                (m = X(C, (h = (S = X(C, (O = (m = (O = x(C), S = x(C), h = x(C), x)(C), X(C.V, O)), S)), X(C, h)), m)), 0 !== O) && (m = yP(1, h, m, C, O, S), O.addEventListener(S, m, E), W(C, 298, [O, S, m]))
            }, (((a(D, function(C, m, O) {
                W(C, (m = (O = x((m = x(C), C)), X(C, m)), m = JC(m), O), m)
            }, (a(D, function(C, m, O, h) {
                O = X(C, (h = X(C, (m = x((O = x(C), C)), m)), O)), W(C, m, h + O)
            }, (a((a((a(D, function(C, m, O, h, S, z, H) {
                for (H = X(C, (m = (h = x(C), XY)(C), O = "", 245)), S = H.length, z = 0; m--;) z = ((z | 0) + (XY(C) | 0)) % S, O += P[H[z]];
                W(C, h, O)
            }, (D.xJ = (W((D.tf = (D.YJ = (D.OB = 0, D.v = 25, (D.J = [], D.X = void 0, D).G = 8001, (D.Lr = function(C) {
                this.V = C
            }, D).N = (D.D = (D.s = void 0, D.C = null, void 0), D.O = [], D.W = (D.F = 0, g = ((D.Y = [], D).I = 0, window.performance || {}), []), D.B = 0, D.S = void 0, D.T = 0, 0), D.l = (D.R = 0, D.j = false, void 0), D.Kr = ((D.o = [], D.A = 1, D).u = void 0, []), false), D.K = void 0, D.U = (D.V = D, false), g.timeOrigin || (g.timing || {}).navigationStart) || 0, W(D, 41, 0), D), 330, 0), a(D, function(C) {
                mM(C, 4)
            }, 128), 0), 259)), D), function(C, m, O, h, S, z, H, U, q, v, f, w) {
                function B(F, k) {
                    for (; U < F;) S |= p(C) << U, U += 8;
                    return S >>= (U -= F, k = S & (1 << F) - 1, F), k
                }
                for (f = (z = (S = U = (m = x(C), 0), (B(3) | 0) + 1), q = B(5), []), O = v = 0; v < q; v++) w = B(1), f.push(w), O += w ? 0 : 1;
                for (H = (O = (v = ((O | 0) - 1).toString(2).length, 0), []); O < q; O++) f[O] || (H[O] = B(v));
                for (v = 0; v < q; v++) f[v] && (H[v] = x(C));
                for (h = []; z--;) h.push(X(C, x(C)));
                a(C, function(F, k, c, Mt, G) {
                    for (G = (Mt = (c = 0, []), []); c < q; c++) {
                        if (!(k = H[c], f)[c]) {
                            for (; k >= G.length;) G.push(x(F));
                            k = G[k]
                        }
                        Mt.push(k)
                    }
                    F.S = (F.u = z$(F, h.slice()), z$)(F, Mt)
                }, m)
            }, 224), D), function(C) {
                mM(C, 3)
            }, 349), 307)), 273)), W)(D, 138, {}), W)(D, 132, 173), 321)), function(C, m, O, h) {
                W(C, (O = x((h = (m = x(C), x)(C), C)), O), X(C, m) || X(C, h))
            }), 236), 455)), a)(D, function(C) {
                Ze(4, C)
            }, 487), D).NU = 0, 210)), a(D, function(C, m) {
                U4((m = X(C, x(C)), m), C.V)
            }, 85), 198)), 46)), 294), []), 70)), 298), 0), D), function(C, m, O) {
                (O = (O = x((m = x(C), C)), X)(C, O), 0 != X(C, m)) && W(C, 41, O)
            }, 474), 0), 0]), a(D, function(C, m, O, h, S) {
                for (O = (h = (m = x(C), XY(C)), []), S = 0; S < h; S++) O.push(p(C));
                W(C, m, O)
            }, 176), 0), 462)), 171)), 117), b), 178)), function(C, m, O, h) {
                W((m = X(C, (O = X(C, (h = x((m = x((O = x(C), C)), C)), O)), m)), C), h, O[m])
            }), 303), [])), [0, 0, 0])), 67), D), 0)), 119)), function(C, m) {
                (C = (m = x(C), X(C.V, m)), C[0]).removeEventListener(C[1], C[2], E)
            }), 322), 2048)), 59)), D), function(C) {
                lm(1, C)
            }, 410), function(C, m, O, h) {
                h = x((O = x((m = x(C), C)), C)), C.V == C && (h = X(C, h), O = X(C, O), X(C, m)[O] = h, 504 == m && (C.X = void 0, 2 == O && (C.l = d(false, 32, C), C.X = void 0)))
            }), 509), D), function(C, m, O, h) {
                W(C, (h = X(C, (O = X(C, (O = x((h = x(C), C)), m = x(C), O)), h)), m), h in O | 0)
            }, 364), 94)), 325), K(4)), [Sy])), [e, u])), [gc, J])), Q)(true, D, true)
        },
        b = this || self,
        Cz = function(D, J) {
            return (D = D.create().shift(), J.u.create()).length || J.S.create().length || (J.S = void 0, J.u = void 0), D
        },
        xN = function(D, J, u, P, g, C, m, O) {
            return m = (u = [60, 14, -7, (g = (O = kN, J & 7), -88), 72, 42, u, 25, -3, 34], R[D.L](D.Vv)), m[D.L] = function(h) {
                g += 6 + 7 * J, C = h, g &= 7
            }, m.concat = function(h) {
                return (h = (C = (h = -476 * P * C + g - (h = P % 16 + 1, h * C) + u[g + 19 & 7] * P * h + (O() | 0) * h + 4 * P * P * h + 34 * C * C - -1496 * C - 136 * P * P * C, void 0), u[h]), u[(g + 29 & 7) + (J & 2)] = h, u)[g + (J & 2)] = 14, h
            }, m
        },
        X = function(D, J) {
            if (void 0 === (D = D.W[J], D)) throw [L, 30, J];
            if (D.value) return D.create();
            return (D.create(4 * J * J + 14 * J + -44), D).prototype
        },
        O4 = function(D, J, u, P, g) {
            for (g = (J = (D = D.replace(/\r\n/g, "\n"), []), u = 0); g < D.length; g++) P = D.charCodeAt(g), 128 > P ? J[u++] = P : (2048 > P ? J[u++] = P >> 6 | 192 : (55296 == (P & 64512) && g + 1 < D.length && 56320 == (D.charCodeAt(g + 1) & 64512) ? (P = 65536 + ((P & 1023) << 10) + (D.charCodeAt(++g) & 1023), J[u++] = P >> 18 | 240, J[u++] = P >> 12 & 63 | 128) : J[u++] = P >> 12 | 224, J[u++] = P >> 6 & 63 | 128), J[u++] = P & 63 | 128);
            return J
        },
        Ze = function(D, J, u, P) {
            for (P = x(J), u = 0; 0 < D; D--) u = u << 8 | p(J);
            W(J, P, u)
        },
        lm = function(D, J, u, P) {
            y(J, (u = x(J), P = x(J), P), N(D, X(J, u)))
        },
        K = function(D, J) {
            for (J = []; D--;) J.push(255 * Math.random() | 0);
            return J
        },
        ey = function(D, J, u) {
            if (3 == D.length) {
                for (u = 0; 3 > u; u++) J[u] += D[u];
                for (u = [13, 8, 13, 12, (D = 0, 16), 5, 3, 10, 15]; 9 > D; D++) J[3](J, D % 3, u[D])
            }
        },
        a = function(D, J, u) {
            (W(D, u, J), J)[Sy] = 2796
        },
        wc = function(D, J, u, P, g) {
            for (D = D[g = 0, P = D[2] | 0, 3] | 0; 14 > g; g++) J = J >>> 8 | J << 24, D = D >>> 8 | D << 24, D += P | 0, J += u | 0, J ^= P + 3261, u = u << 3 | u >>> 29, D ^= g + 3261, P = P << 3 | P >>> 29, u ^= J, P ^= D;
            return [u >>> 24 & 255, u >>> 16 & 255, u >>> 8 & 255, u >>> 0 & 255, J >>> 24 & 255, J >>> 16 & 255, J >>> 8 & 255, J >>> 0 & 255]
        },
        r = function(D, J) {
            D.K = ((D.K ? D.K + "~" : "E:") + J.message + ":" + J.stack).slice(0, 2048)
        },
        QP = function(D, J, u, P, g, C) {
            if (!D.K) {
                D.B++;
                try {
                    for (g = (P = (u = 0, void 0), D.R); --J;) try {
                        if (C = void 0, D.u) P = Cz(D.u, D);
                        else {
                            if ((u = X(D, 41), u) >= g) break;
                            P = (C = (W(D, 330, u), x(D)), X(D, C))
                        }
                        A(D, (P && P[oq] & 2048 ? P(D, J) : n(D, 0, [L, 21, C]), false), false, J)
                    } catch (m) {
                        X(D, 132) ? n(D, 22, m) : W(D, 132, m)
                    }
                    if (!J) {
                        if (D.aw) {
                            (D.B--, QP)(D, 439541719848);
                            return
                        }
                        n(D, 0, [L, 33])
                    }
                } catch (m) {
                    try {
                        n(D, 22, m)
                    } catch (O) {
                        r(D, O)
                    }
                }
                D.B--
            }
        },
        im = function(D, J, u) {
            return D.H(function(P) {
                u = P
            }, false, J), u
        },
        Y = b.requestIdleCallback ? function(D) {
            requestIdleCallback(function() {
                D()
            }, {
                timeout: 4
            })
        } : b.setImmediate ? function(D) {
            setImmediate(D)
        } : function(D) {
            setTimeout(D, 0)
        },
        vj = function(D, J) {
            return J[D] << 24 | J[(D | 0) + 1] << 16 | J[(D | 0) + 2] << 8 | J[(D | 0) + 3]
        },
        I = function(D, J, u) {
            u = this;
            try {
                rc(this, J, D)
            } catch (P) {
                r(this, P), J(function(g) {
                    g(u.K)
                })
            }
        },
        VP = function(D, J, u, P) {
            function g() {}
            return P = $N(D, function(C) {
                g && (J && Y(J), u = C, g(), g = void 0)
            }, (u = void 0, !!J))[0], {
                invoke: function(C, m, O, h) {
                    function S() {
                        u(function(z) {
                            Y(function() {
                                C(z)
                            })
                        }, O)
                    }
                    if (!m) return m = P(O), C && C(m), m;
                    u ? S() : (h = g, g = function() {
                        h(), Y(S)
                    })
                }
            }
        },
        Bj = function(D, J) {
            if ((D = (J = b.trustedTypes, null), !J) || !J.createPolicy) return D;
            try {
                D = J.createPolicy("bg", {
                    createHTML: um,
                    createScript: um,
                    createScriptURL: um
                })
            } catch (u) {
                b.console && b.console.error(u.message)
            }
            return D
        },
        T, Wj = function(D, J, u, P) {
            return X(u, (W(u, 41, (QP(u, (P = X(u, 41), u.O && P < u.R ? (W(u, 41, u.R), U4(D, u)) : W(u, 41, D), J)), P)), 138))
        },
        pz = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        hC = [],
        L = {},
        gc = (I.prototype.zn = void 0, I.prototype.m3 = void 0, I.prototype.h = "toString", []),
        oq = [],
        Sy = [],
        Z = [],
        l = (I.prototype.aw = false, []),
        V = [],
        e = [],
        R = (((((t = (Pj, K, qt, ey, I).prototype, t).H = function(D, J, u, P, g) {
            if (u = "array" === JC(u) ? u : [u], this.K) D(this.K);
            else try {
                g = !this.Y.length, P = [], M(this, [Z, P, u]), M(this, [l, D, P]), J && !g || Q(true, this, J)
            } catch (C) {
                r(this, C), D(this.K)
            }
        }, t.P = (window.performance || {}).now ? function() {
            return this.tf + window.performance.now()
        } : function() {
            return +new Date
        }, t).Iw = function(D, J, u, P, g, C) {
            for (u = (C = [], P = 0); u < D.length; u++)
                for (P += J, g = g << J | D[u]; 7 < P;) P -= 8, C.push(g >> P & 255);
            return C
        }, t).Qv = function() {
            return Math.floor(this.P())
        }, t.lS = function(D, J, u) {
            return D ^ (J ^= J << 13, J ^= J >> 17, (J = (J ^ J << 5) & u) || (J = 1), J)
        }, I.prototype).L = "create", t.wy = function(D, J, u, P, g) {
            for (P = g = 0; g < D.length; g++) P += D.charCodeAt(g), P += P << 10, P ^= P >> 6;
            return D = (P += P << 3, P ^= P >> 11, P + (P << 15)) >>> 0, g = new Number(D & (1 << J) - 1), g[0] = (D >>> J) % u, g
        }, L.constructor),
        kN = (t.gy = function() {
            return Math.floor(this.T + (this.P() - this.N))
        }, void 0),
        Nt = (I.prototype.i = function(D, J) {
            return D = (kN = function() {
                    return D == J ? -44 : -78
                }, J = {}, {}),
                function(u, P, g, C, m, O, h, S, z, H, U, q, v, f, w) {
                    D = (m = D, J);
                    try {
                        if (f = u[0], f == e) {
                            O = u[1];
                            try {
                                for (w = (q = (P = g = 0, atob(O)), []); P < q.length; P++) h = q.charCodeAt(P), 255 < h && (w[g++] = h & 255, h >>= 8), w[g++] = h;
                                W(this, (this.R = (this.O = w, this).O.length << 3, 504), [0, 0, 0])
                            } catch (B) {
                                n(this, 17, B);
                                return
                            }
                            QP(this, 8001)
                        } else if (f == Z) u[1].push(X(this, 199), X(this, 294).length, X(this, 498).length, X(this, 325).length), W(this, 138, u[2]), this.W[217] && Wj(X(this, 217), 8001, this);
                        else {
                            if (f == l) {
                                this.V = (z = (C = N(2, ((g = u[2], X)(this, 498).length | 0) + 2), this.V), this);
                                try {
                                    H = X(this, 334), 0 < H.length && y(this, 498, N(2, H.length).concat(H), 10), y(this, 498, N(1, this.A), 109), y(this, 498, N(1, this[l].length)), q = 0, q += X(this, 485) & 2047, U = X(this, 325), q -= (X(this, 498).length | 0) + 5, 4 < U.length && (q -= (U.length | 0) + 3), 0 < q && y(this, 498, N(2, q).concat(K(q)), 15), 4 < U.length && y(this, 498, N(2, U.length).concat(U), 156)
                                } finally {
                                    this.V = z
                                }
                                if (v = ((((w = K(2).concat(X(this, 498)), w)[1] = w[0] ^ 6, w)[3] = w[1] ^ C[0], w)[4] = w[1] ^ C[1], this.uS(w))) v = "!" + v;
                                else
                                    for (q = 0, v = ""; q < w.length; q++) S = w[q][this.h](16), 1 == S.length && (S = "0" + S), v += S;
                                return X((X(this, (X(this, ((P = v, W)(this, 199, g.shift()), 294)).length = g.shift(), 498)).length = g.shift(), this), 325).length = g.shift(), P
                            }
                            if (f == hC) Wj(u[1], u[2], this);
                            else if (f == V) return Wj(u[1], 8001, this)
                        }
                    } finally {
                        D = m
                    }
                }
        }(), /./),
        fz, bm = (I.prototype.Cr = (I.prototype[gc] = [0, 0, 1, 1, 0, 1, 1], (I.prototype.uS = function(D, J, u, P) {
            if (J = window.btoa) {
                for (P = (u = 0, ""); u < D.length; u += 8192) P += String.fromCharCode.apply(null, D.slice(u, u + 8192));
                D = J(P).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else D = void 0;
            return D
        }, I.prototype).UB = 0, 0), e).pop.bind(I.prototype[Z]),
        FY = ((fz = jy(I.prototype.L, (Nt[I.prototype.h] = bm, {get: bm
        })), I).prototype.MU = void 0, function(D, J) {
            return (J = Bj()) && 1 === D.eval(J.createScript("1")) ? function(u) {
                return J.createScript(u)
            } : function(u) {
                return "" + u
            }
        })(b);
    40 < (T = b.botguard || (b.botguard = {}), T.m) || (T.m = 41, T.bg = VP, T.a = $N), T.fBW_ = function(D, J, u) {
        return [(u = new I(D, J), function(P) {
            return im(u, P)
        })]
    };
}).call(this);
                                    

#5 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 174af6e6016c1e590f8d4e7351950a0e963b9bdd76053aa4cf08d101e5ff2e3e

                                        0,
function(C) {
    Ze(1, C)
}
                                    

Executed Writes (0)



HTTP Transactions (114)


Request Response
                                        
                                            GET /1vfk0d0oywlc8 HTTP/1.1 
Host: linkcurto.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.157.46
HTTP/1.1 301 Moved Permanently
                                        
Date: Sat, 24 Sep 2022 23:40:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 25 Sep 2022 00:40:16 GMT
Location: https://linkcurto.co/1vfk0d0oywlc8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BF%2FHU1JIcflkUuav0N6kuz5lWm1L2Nf845SqKa7He2JpzlAp14vI4laXnfkY94A3obsLZy6hOsgBEK11bKnqxHztgJrfpHUbtxEqVgWVEd0UGSbGVnOS2Vlmx1eo7M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ff5d39ee3db517-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4678
Expires: Sun, 25 Sep 2022 00:58:14 GMT
Date: Sat, 24 Sep 2022 23:40:16 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 23:14:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cfLh7g9Py66VXQjqrxpDUnPqiOUJGDdrVWWzjdANMYjIZpRgENDJ_g==
Age: 1534


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2817
Expires: Sun, 25 Sep 2022 00:27:13 GMT
Date: Sat, 24 Sep 2022 23:40:16 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ebUpjNn+kpoo+xNAdiiWcyh8G5Ds4lfo8cMK5cBdfKod9y5TINVEaDXX01D6cY35mUviKW8L2PW1dv+rwwg8Cw==
x-amz-request-id: 4P7Y3VY8G3HSNKSK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Sep 2022 22:45:26 GMT
age: 3290
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 23:40:16 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 24 Sep 2022 23:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 24 Sep 2022 23:55:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Se7avN_Vwe89fMuPuRPdmHhP-_NvJSKtTlIQo6T5AZw8x8XT6BziMw==
Age: 2159


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6124
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:40:17 GMT
Last-Modified: Sat, 24 Sep 2022 21:58:13 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Atb2G9iEFRT29zqwWzypUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.203.49
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X8kqLH1/0e/kuE2jfm257VcQB4E=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CCF785ADEDF2F1D5608E5EB79FA4064F51E0178A3A4669DB7B8DBB191996F05D"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 25 Sep 2022 05:40:18 GMT
Date: Sat, 24 Sep 2022 23:40:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8486
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 23:40:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8486
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 23:40:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8486
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 23:40:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8486
Expires: Sun, 25 Sep 2022 02:01:44 GMT
Date: Sat, 24 Sep 2022 23:40:18 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
age: 7392
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8914
Md5:    dfdacc8edea3c24dad020d7e9c11b3f4
Sha1:   2b6e37596e88b62f288dc8e8c937fd904fae28d5
Sha256: 338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb442b904-290c-4a62-b7de-aadc1622cac4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8883
x-amzn-requestid: 684fdd05-960b-42cb-8544-3347a4bf9b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PmEaqIAMFz4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-2642e1df108d0f7a5d98b126;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ww7Y221O3YKYU2YLj-uLBxsJoTTCvV4nZd1Vlh2DK1TAFv2BINUJ4w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 7393
etag: "5fc6f043ab0929c95b84b78c9d03befbe0fadea0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8883
Md5:    4ecc2a02c5bf02ae98849085d835b2dd
Sha1:   5fc6f043ab0929c95b84b78c9d03befbe0fadea0
Sha256: ac308de6a557df495017c8cd16d431711daee7107686c1b74cd4e6f0e63de961
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10845
x-amzn-requestid: b819b750-c0b1-46b1-9e6c-010912fa87b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EzFpWoAMFxdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7884-3671ba9f0fc6b3e52e25f8a7;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F8HfbDS4Ki85iwI7IgBulH70M3NwK6_-lmATgGp2myUTSlJKCDiScw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:26 GMT
age: 7252
etag: "f18edf7b5080b39e00bde335c16ca0f771428e8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10845
Md5:    716068d10c9e3a16d3a8e727992f71ec
Sha1:   f18edf7b5080b39e00bde335c16ca0f771428e8e
Sha256: 5991be1a009df210adc123f9f8081f669368a3a1891305717fc40ead172917a3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6m2265h0hSgCTluIqgbC-hSZiiyeqMR0qEwnYgXfjfxNa99trVEgA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 18:05:57 GMT
age: 20061
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7690
Md5:    75eb09cb0472d311d2deaf4475a2fb29
Sha1:   9e7b0fd5b7c45213e1808361867a254c8e313a30
Sha256: c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 7379
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7404
x-amzn-requestid: ef623ade-f397-40a9-b88d-0394f22a8d8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJPGYyoAMFVEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-2da73ceb54b36ade5bf4ce1a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jqPyyJr0H9dHTBuQb9Z8bNBwMXhBz5pz09u_j1R0Qpp-iGUGFXm0VQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 02:52:44 GMT
age: 74854
etag: "3a69c08b4d25d1dae1abbabd103d6d295a2f5425"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7404
Md5:    9bbdad67489e993cebd23ffb04ebd02c
Sha1:   3a69c08b4d25d1dae1abbabd103d6d295a2f5425
Sha256: ee3839246f3bada3e3190c240c8ac64d8012a87c062c5e006ed80a7edcd773a5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sat, 24 Sep 2022 23:40:20 GMT
date: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    7d84c4456027d3c2e042f55c624444cb
Sha1:   ae1299213270a14574bac01f8f91d29a4c9ffd7c
Sha256: 5ac486ab075825fc510d276894e2a289866e243bbb1efe2f5246c710f307aae4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:40:20 GMT
Server: ECS (amb/6BAC)
Content-Length: 278

                                        
                                            POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v0.js HTTP/1.1 
Host: js.upnid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         130.211.14.112
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
vary: Origin
content-encoding: gzip
via: 1.1 google
content-length: 8884
date: Sat, 24 Sep 2022 20:12:27 GMT
age: 12473
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23050)
Size:   8884
Md5:    960c2f02f796ed460b2c3911ee0f498d
Sha1:   862e007ff302286b83d9e5b4b880acdf5894ac1a
Sha256: d5112369b9ae06973e98285df7d92749ddae470430912d01fd70f7c45207592f
                                        
                                            POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:40:20 GMT
Last-Modified: Sat, 24 Sep 2022 22:21:19 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uHiDWNxo55aYmZaaG5xpjr8qbA2MmWjqcN7d6ECPerCDgGNhnBoNVw==
Age: 4741

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BE2DA8F3F37D430FC0F7EE4522259B928A931F13381685B7BA01A56B2A8CFEEB"
Last-Modified: Sat, 24 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5757
Expires: Sun, 25 Sep 2022 01:16:17 GMT
Date: Sat, 24 Sep 2022 23:40:20 GMT
Connection: keep-alive

                                        
                                            GET /s/files/1/0644/5518/0512/products/Design_sem_nome_6_250x250.png HTTP/1.1 
Host: cdn.shopify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.254.71
HTTP/2 200 OK
content-type: image/avif
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
content-length: 12251
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0644/5518/0512/products/Design_sem_nome_6_250x250.png>; rel="canonical"
server-timing: imagery;dur=684.239, imageryFetch;dur=96.309, imageryProcess;dur=587.278;desc="image"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 7f21093f-2f46-45c5-b292-14a06152158f
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Fri, 23 Sep 2022 10:31:31 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qg%2FkHFtMSbhmTcRA5WfNqVdYA2El3nZ7UY73EH7sTcStkftj36rmjjJfACOVrsJwmKeSHj1e%2FyJTp6u3IP5ps98fvsz%2BRqDjA5V3GvI7AACjLsN4mD%2BcVDUyM4XkVfv3zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d54bcad1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, AVIF Image\012- data
Size:   12251
Md5:    70bda43e3c1348f2415b9304cd582ff5
Sha1:   4ddbd8a9bcf82f11e0057155e19c51046ba57921
Sha256: d634cdcf9f01110274dc8478d29b642e0edd69fa1361c530b3ec6857c25a5485
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BE2DA8F3F37D430FC0F7EE4522259B928A931F13381685B7BA01A56B2A8CFEEB"
Last-Modified: Sat, 24 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5757
Expires: Sun, 25 Sep 2022 01:16:17 GMT
Date: Sat, 24 Sep 2022 23:40:20 GMT
Connection: keep-alive

                                        
                                            GET /v1/seal/aw/www.cea.com.br/seal.png HTTP/1.1 
Host: api.siteblindado.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 3317
x-amzn-requestid: 1d9f2ff0-ca69-4051-8aa6-e9380fca13a4
x-amzn-remapped-content-length: 3317
x-amz-apigw-id: Y-xo5Hl3IAMFcmw=
x-amzn-trace-id: Root=1-632f6305-6e31f05b6b812b5453c3da08
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: NAzGP0dWe9j01HvScCyG59b6DqVEw8V8NbiJ2yjde7Hls4q4nF3fkw==
expires: Sat, 24 Sep 2022 23:40:21 GMT
date: Sat, 24 Sep 2022 23:40:20 GMT
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 115 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   3317
Md5:    2ad9133180c0c907a2e3fc9adea00f4e
Sha1:   560c5796b860482d44dbd965921962e927a55f85
Sha256: ec969b9a7a0073c94d2729ceaf34e018baedeeb8848be7b4fdc462586255d46b
                                        
                                            GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:08:19 GMT
expires: Tue, 19 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 441121
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size:   33580
Md5:    848cd2ecd011428969dc6b90431bc482
Sha1:   6b1a7b562a56bd54510e0f6f95e26babca331a1b
Sha256: 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /king-assets.yampi.me/dooki/6152682e36845/6152682e3684b.png HTTP/1.1 
Host: s3.sa-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         16.12.1.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 5t2o8Ju4kPL2j8qox1yT6E2ruarkMyLchC4k4cIJzOfjStvNqggrRq0AIDFuAKAjMJTVYJ/42iw=
x-amz-request-id: 34YCDMNBC5Z94VF2
Date: Sat, 24 Sep 2022 23:40:21 GMT
Last-Modified: Tue, 28 Sep 2021 00:56:15 GMT
ETag: "38c2a5c9cc0ecfe5bfc40cfcac18032b"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 8154


--- Additional Info ---
Magic:  PNG image data, 440 x 114, 8-bit colormap, non-interlaced\012- data
Size:   8154
Md5:    38c2a5c9cc0ecfe5bfc40cfcac18032b
Sha1:   037a2564566555f14ae0cfd555eb83e34c2741a0
Sha256: 92dc6bc90d38b5a10a6ab828981c9270e1aede9f79ade793bc80c84fb9e54a1f
                                        
                                            GET /i18n/pixel/config.js?sdkid=CCMBBHRC77UE78HT46EG&hostname=seguro.lojasmagazinedigital.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202209242340216D8D3DE3EB684636533B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e6e633dfa9cbe7a29a525a4769d5f4f8aa07e932ae5a51e13404af748e0b6dd9abadddfdf3990eae07a9a051ac2eaa880
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
content-length: 355
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
set-cookie: _ttp=2FEgn7jt33P9q4t94cKxNjMWqrm; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=100
x-origin-response-time: 100,23.36.79.13
x-akamai-request-id: 47276431
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   355
Md5:    3cb2b0ef3e7e60f8381b99f1bdbc562b
Sha1:   b8df7a18cb3c59dc5cfb84807436e0d1018aa5bd
Sha256: 84bb86e737a40406a027cec1cf9ebb3902b2811b8e853a7eb8324370b59870d7
                                        
                                            GET /i18n/pixel/config.js?sdkid=CCMDDL3C77UEI4U7VNDG&hostname=seguro.lojasmagazinedigital.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20220924234021F8185AB0D53F3763808B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e115022a386c0bbc0cc5cc16ca57f73c8d9039bec65e11420bda3fe54d037fcf0c0cf8229a2cc06b939799ae027741622
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
content-length: 355
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
set-cookie: _ttp=2FEgnE0iWm4Mos7qOQidyH6ahDD; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
x-origin-response-time: 100,23.36.79.13
x-akamai-request-id: 47276443
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   355
Md5:    6cb268c32c766f697edccaafe9c638e8
Sha1:   e1caf39986c3f82c6c65f2f65787676e07695895
Sha256: c94fa9cc8bf570b96a360a97460219572378b9d7974753bf37e1f20d7b8a62f7
                                        
                                            GET /i18n/pixel/config.js?sdkid=CCMC903C77UB4C8P4F80&hostname=seguro.lojasmagazinedigital.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022092423402103B26B0765F35636EF97
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e115022a386c0bbc0cc5cc16ca57f73c87e4d0d0697465803a2b4055de2392ae3b554c0c942c4e175ddf0577d1b155c26
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
content-length: 354
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
set-cookie: _ttp=2FEgn93C5YhE7Gur4Ky6ka9P1BG; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=116
x-origin-response-time: 116,23.36.79.13
x-akamai-request-id: 47276433
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   354
Md5:    4f8596cea63de96f108bd2bb54d8be54
Sha1:   3470369e610eda926d840ff8189dd783605faee2
Sha256: 84bb7ad97481fcbc1797b2c0e54d40e68adbd1803ad0d0c7922b985909f3e038
                                        
                                            GET /i18n/pixel/events.js?sdkid=CCMCIF3C77UB1O51GMPG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202209242340205032E735F847A6607492
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455efce341e9999265e611b94d130f5ca9abf635fa9a17ebf0cfc4d02b2aa0926601be5caacff2909c44931ce5b8ff6250b5
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=106
x-origin-response-time: 106,23.36.79.13
x-akamai-request-id: 472762ca
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65467)
Size:   56183
Md5:    8b31c14d36df5701d99dd486edd4aeca
Sha1:   c6f071de999fead3ab88eb1c91da4649ca3636c9
Sha256: e68b2e5c159b160bdacab045549769719d8361972f6f13f81dc228b626bd53f8
                                        
                                            GET /i18n/pixel/events.js?sdkid=CCMD5QJC77UB1O51GNH0&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202209242340207352E13EFAA7C236A8F1
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e3b16d19aa4b3a15f003b1b390a836f959cf7e90560fde6a95915960551bcd9e1c1992af1fd4d74e816da273da5859521
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=104
x-origin-response-time: 104,23.36.79.13
x-akamai-request-id: 472762bf
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65467)
Size:   56380
Md5:    6f2b7e8d7ccd39d3798284ad8db094aa
Sha1:   e05a5e5ed1dabf72ebd0f2a4aeac284d4f1b2bc0
Sha256: a4f8b041583a773a8e19a1766cc1060263b6179ac3c589b2adb62daa97a74769
                                        
                                            GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 23:40:20 GMT
date: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   77695
Md5:    b66e7732b5328dd5d30a5b108f494ab8
Sha1:   a25307f05dce75d2742d0e3bd53b6a51f9e10a12
Sha256: 68c9a6f00f71a445890a0659c3d9bbb00d4dbf973c5c7cab5de58c1a270f08cb
                                        
                                            GET /checkout/payment?cart_token=shopify-4e79f8e5a2aae230cea1227f70de940e&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=c465959b50f562ffa73453f817b030733f866d64&customerToken=c5a58e20-3c4c-11ed-bad2-0d3b33431e28 HTTP/1.1 
Host: seguro.lojasmagazinedigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im1WVnVKYzFVTnJSWUxmOHFCYUtSYUE9PSIsInZhbHVlIjoiV2FYUGZSaDNvMDFCXC9wNWJBbEs3VXZIZGo4UWtZK1ByS0pYU3E1cnhtQ283VDBLV2dnUHNtcDU2cjhXcXUyVHFnZ09hYUR1VEx1ak5vekVVMXV3UlpnPT0iLCJtYWMiOiJmM2IyMzVhZjAwZjI0ZDgwMDVmNDk5M2M2ZGI1YTJmMGVkM2Q2ZjNmMmU4N2M1ZWJmN2I3MTNhYzg3NTNhZTBiIn0%3D; bubbstore_checkout=eyJpdiI6IjhONTJIczBuTHhTNVRLVk00OWd2SHc9PSIsInZhbHVlIjoiQTdNV1BudHYzZHNDMnpZR3VaZE5UMzJPdkxGTkpGUlpMczBXaWoyc1FQY2hCcm1DbE1DSWg2Wk9EM1p4elVyWDZ1OUFxaEdPOEw5ZFpMRGNZRklyRUE9PSIsIm1hYyI6ImExMzNkMGRiNzBjMTJjZWY1NGRiZWFjNmM0NGY2NmY1NTFiNWYyOWViYTVmNmNiOThjMTY4MmQ0MzE0YzMxY2QifQ%3D%3D; digitalmagazine_cart=eyJpdiI6InljWEdId0NhT3BXeFEwNWU2ajNPRVE9PSIsInZhbHVlIjoidlVjM3FwSE9cLzJ3WDZcL1pYUTZqa2VMc29GMm1WRENjS1drUDc5TnA5TmhqQlwvNWNCTVl2WkpyckZRZXhcL2V4Rk0xcUE0Y0VOaGxucEIwXC9HTlwvR2hGZ2c9PSIsIm1hYyI6IjViMWVjZGZhMTBiOTM4ZjNjYjBjMDQxMWYxM2ZjMjRjNDU5OGVhZGUwN2JmNTJkN2FjZmY0NzkwMzVkODU5MzEifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 24 Sep 2022 23:40:19 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InczWEJVWlJRdW5pMnkwbWpjcU1TUmc9PSIsInZhbHVlIjoicE51SUcrZjB1dzlSeW56UzdVSzd0R3Z0YmJ2WFJJdWhCUzMyU2tNdTk5Qml4WllKZG90dWZyNlFWV09Tem4rOXdLdDF5RDBzNDU4cGREaVNPbGp4cnc9PSIsIm1hYyI6IjdiMjg4ZmMyMzFiNWEyNmY5ZTQ3MGVhMGIwOWQ5ZTJhYjQ2MGQ3ZGZhNmQ4YTRhODZiNDRjZTYzNTcxNGQyZjQifQ%3D%3D; expires=Sun, 25-Sep-2022 02:40:19 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6ImlwS0JrMkRNU3BUV3ltYnorY3RHcHc9PSIsInZhbHVlIjoiXC90U2dpdUY5Y3p1TkpSNmpEaEdadGEySTNmRGsrQ0tYM1wvWWwwWDJGV0ViVFI2Qks3SEZjejYxRmI1ZkhyTkxXTlJLWmNWNHVKejE5OVY0c3JoRkd6QT09IiwibWFjIjoiNzE3ZGUxMDU4YTYyOGJkODAwNjViNTBmZDcyNDhlNjk2MDM1MThkODE3OWNkYzFlMWUyYWExMzMyMjQxNmM5ZiJ9; expires=Sun, 25-Sep-2022 02:40:19 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   97291
Md5:    048491ee28691c10b8aa2908239804be
Sha1:   e1a15a0fc38b79e15d84c1f7ab5a3116dd0d0c68
Sha256: 632121c8c380b215acd3b48922a90c4a9b15c268fa54144a4a1867c941128f86
                                        
                                            GET /i18n/pixel/config.js?sdkid=CCMD5QJC77UB1O51GNH0&hostname=seguro.lojasmagazinedigital.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022092423402134105D5BD3ACA063CC18
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e8c506f4be95b24ce7718600a3aa3d00db7e70ad28799f5292bdd8a63481aec1f1d6336e013acbbb13eaea976939e8a97
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
content-length: 358
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
set-cookie: _ttp=2FEgnAl6M1lALBmuiKfTZEkN6b4; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=117
x-origin-response-time: 117,23.36.79.13
x-akamai-request-id: 4727643e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   358
Md5:    e1724313f9a38ebe178b4ed0318b9f97
Sha1:   cb2888212d89c71027c4b90d62d8d4711d1842d4
Sha256: c606707fef3feb15d192c50dc4da31ffd05f2cbc4fc5a5875bc885c1b4b883e8
                                        
                                            GET /i18n/pixel/config.js?sdkid=CCME79JC77U9QMO0QO4G&hostname=seguro.lojasmagazinedigital.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20220924234021367262280DF29B3AC05E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ed7cf1d3846c9a78117759417f2b5371e1a7fa06375b665f667883a886c05d539e729699c4b37c754d88a1b9f33b05d29
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
content-length: 355
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
set-cookie: _ttp=2FEgnBevYYhJN66fIsEbmjTcPbS; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=116
x-origin-response-time: 116,23.36.79.13
x-akamai-request-id: 4727644a
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   355
Md5:    121040ab45ea695381e12a5593584867
Sha1:   be08daf56332ec3b64a3b8ee2dfd7f74dafe8b0a
Sha256: a5fbc4143dcbcfba77d7889ebddcc4452816a1f601010e37b2c180ee4e54ea14
                                        
                                            GET /i18n/pixel/events.js?sdkid=CCMC903C77UB4C8P4F80&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202209242340201FC4DB22F8FD5E3C017C
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e35c8140c93f52413c35f16f87fce0f43185b092f5c8d582ba25e42ffadf7c18aab97cee77c19851ad07491a3abdf1bc8
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=109
x-origin-response-time: 109,23.36.79.13
x-akamai-request-id: 472762bc
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65467)
Size:   56564
Md5:    ebfdda114bf3d38c1a7ba57c1aea8dd3
Sha1:   b5f8604dfb2fed5e80685e14dc28de89bb78fef6
Sha256: 11a2a28fa3ccb2e6c6ca34d0c65cb290997bdeed945df35c4d6c5af536f95a98
                                        
                                            GET /i18n/pixel/config.js?sdkid=CCMCQHBC77U2DQ2A81JG&hostname=seguro.lojasmagazinedigital.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022092423402184642DDFE120B741CBB6
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e3948cb893d3bdcee6a29951aa4fdaf0b797420a1085e71d6e063b16c64899b1c97d1db61ca2f0131a75183a8d3e54a31
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
content-length: 355
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
set-cookie: _ttp=2FEgnERYMUlJSz75wpbxFLWPRwZ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=136
x-origin-response-time: 136,23.36.79.13
x-akamai-request-id: 4727643c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   355
Md5:    026bd1eff2ada9415b44270460f91a64
Sha1:   a116ef68473429571afbc81971efa87c54993655
Sha256: eabbee024cfe9ea4e866ab3310e7159d8e359963f612e271877aec2f1a1ed3e1
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn7jt33P9q4t94cKxNjMWqrm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220924234021575D272BBBE14C38BD84
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e653aec3ebbe2f88fb30104a3dfa66c8510d943110b4c7c8161be6aedd968eb1fcd619e7ccd930783d2a0efb5eca9aef2
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=4, origin; dur=122
x-origin-response-time: 122,23.36.79.13
x-akamai-request-id: 47276519
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn7jt33P9q4t94cKxNjMWqrm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340210159F82417F50833A128
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e695779b7a0185d847c679e9360e9a0e61808d0aa30d8c0191b439177754024ae28beb24effeed8d8a782dd93fdb754d3
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=7, origin; dur=120
x-origin-response-time: 120,23.36.79.13
x-akamai-request-id: 4727651c
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn93C5YhE7Gur4Ky6ka9P1BG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220924234021367262280DF29B3AC072
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e7cd722fe58456d11c8ab1ac716c9fd4bc8e80053360eb49754da78dccf769c0c78586fb92127e29f3573dc0a85eef32a
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=7, origin; dur=118
x-origin-response-time: 118,23.36.79.13
x-akamai-request-id: 4727652a
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn8SF6OcJK4jk8C3ahCyi3kQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220924234021BF9CAD79A3CCD8424DD0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eaa63c0d5c2821fa93598224f4412005bbe6c9421f9f77937eb11de60fc5f267ace467a216f5bcf440575c753a4020d3e
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=7, origin; dur=117
x-origin-response-time: 117,23.36.79.13
x-akamai-request-id: 47276531
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn8SF6OcJK4jk8C3ahCyi3kQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220924234021573A4E9F4FBD683D2985
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e7113d797e8f9b25f3fe5b662ae4ce6b9eef0ef8f4f6aa688c011c32742a6c7df1b006114455fad18378268ad6d0d58e2
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=8, origin; dur=113
x-origin-response-time: 113,23.36.79.13
x-akamai-request-id: 47276537
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnAl6M1lALBmuiKfTZEkN6b4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340211FC4DB22F8FD5E3C01ED
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e4e22f13de4ba8f1957b523df326b6df9ba28e7de2935fffb0a6ca3897789220afddf7e00d23d795fb51781d5eb5912e6
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=8, origin; dur=110
x-origin-response-time: 110,23.36.79.13
x-akamai-request-id: 4727653c
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnAl6M1lALBmuiKfTZEkN6b4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220924234021F8185AB0D53F376380A2
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e85b28326866efd84ae04897ed66abbc6492c7e28c6f34af43438f03ed61e66ccc269a360176b6dc8d60284fd5d15c8c6
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=8, origin; dur=111
x-origin-response-time: 111,23.36.79.13
x-akamai-request-id: 4727653e
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnAl6M1lALBmuiKfTZEkN6b4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022092423402171EAC7E7054B0468E5A0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e115022a386c0bbc0cc5cc16ca57f73c841b314d9ae3b8a81a4cca30ebaa5ed839768aefc9827dca5cdcf290f0a777b64
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=6, origin; dur=115
x-origin-response-time: 115,23.36.79.13
x-akamai-request-id: 47276543
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnAlOq9PMI74Qa8JaHnI0D9Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340216D8D3DE3EB6846365355
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ec9c12077efddded96852c831631f0ccc6c9a75337f20d390d6322a5951f931e2641c6e240dd538696ff0f2a7b3d02201
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=9, origin; dur=110
x-origin-response-time: 110,23.36.79.13
x-akamai-request-id: 47276549
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnBevYYhJN66fIsEbmjTcPbS
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340217352E13EFAA7C236A980
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e3948cb893d3bdcee6a29951aa4fdaf0b4a6a60758eb21eb741b7387bbc11d63e05140f91fc758fb1688900a5c01cb88d
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=10, origin; dur=113
x-origin-response-time: 113,23.36.79.13
x-akamai-request-id: 4727654d
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnE0iWm4Mos7qOQidyH6ahDD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022092423402103B26B0765F35636EFC6
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ec92139c2a7eb463980833d3c7ac766c87e23993261630c92144d29178dab4f3f9e4727a1adcb7499ea77fba1ebabe5c6
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=6, origin; dur=126
x-origin-response-time: 126,23.36.79.13
x-akamai-request-id: 47276546
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn8evdqOlyRyRbWGHr9kVbk8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340215032E735F847A660750C
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e7cd722fe58456d11c8ab1ac716c9fd4bed40b8a1f048b904893cdedf16bab2b454d9d47ed27034e26e9d7e5f6c5406de
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=9, origin; dur=111
x-origin-response-time: 111,23.36.79.13
x-akamai-request-id: 4727655e
X-Firefox-Spdy: h2

                                        
                                            GET /i18n/pixel/events.js?sdkid=CCME79JC77U9QMO0QO4G&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022092423402003B26B0765F35636EF62
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e115022a386c0bbc0cc5cc16ca57f73c87954d05b761979378b266595ef6d390d3faafd3dbeaed295c4dbd894327dc4ae
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=119
x-origin-response-time: 119,23.36.79.13
x-akamai-request-id: 472762af
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65467)
Size:   56162
Md5:    83e6b7f05c8cea14bd8a7d688727aef9
Sha1:   594bddf54d838a8736e0eaefb0d77cbd7763d49f
Sha256: 75f1a16566bb9ce33937d23f36ecfade5fc80d5cf4453ad5ac1987abbfc1b21f
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn8evdqOlyRyRbWGHr9kVbk8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220924234021B6AE0924B5677C3AC6AB
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eb98b6890edb3007054f636d3df125944fd0b8e4290fa3271fca4a0b1745c7174fe919acde60a6cd0b519dd043b049317
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=7, origin; dur=110
x-origin-response-time: 110,23.36.79.13
x-akamai-request-id: 47276564
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn93C5YhE7Gur4Ky6ka9P1BG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022092423402134105D5BD3ACA063CC3A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e35c8140c93f52413c35f16f87fce0f43319c43e8c49c8270aab50d19991c9b8bd4ba5a35b2226c5cfe96dab7dcfa4e0c
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=67, cdn-cache; desc=MISS, edge; dur=7, origin; dur=178
x-origin-response-time: 178,23.36.79.13
x-akamai-request-id: 4727652d
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022092423402184642DDFE120B741CBE2
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ed7cf1d3846c9a78117759417f2b5371eba1f0e228ee16e51590255d8326254bf618a218747be27ed4c6082ed049d032f
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=7, origin; dur=129
x-origin-response-time: 129,23.36.79.13
x-akamai-request-id: 47276581
X-Firefox-Spdy: h2

                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 07:11:34 GMT
expires: Fri, 22 Sep 2023 07:11:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 232127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   158248
Md5:    db1b5789e9915e9c82f5df92e5982980
Sha1:   2e193e502995501c85f45fd89d9f83707a7f9573
Sha256: db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5517
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:40:21 GMT
Last-Modified: Sat, 24 Sep 2022 22:08:24 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /cart/recomm HTTP/1.1 
Host: seguro.lojasmagazinedigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImM2YWI1NGQ0ZTUzN2JiNjgiLCJ0ciI6IjBjMzhlNDgzNzE4NjNiNmVkYzZhYWRmZGUwNjlkYmU5IiwidGkiOjE2NjQwNjI4MTk1MjF9fQ==
traceparent: 00-0c38e48371863b6edc6aadfde069dbe9-c6ab54d4e537bb68-01
tracestate: 2935249@nr=0-1-2935249-1134170823-c6ab54d4e537bb68----1664062819521
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=c5a58e20-3c4c-11ed-bad2-0d3b33431e28
Cookie: XSRF-TOKEN=eyJpdiI6InczWEJVWlJRdW5pMnkwbWpjcU1TUmc9PSIsInZhbHVlIjoicE51SUcrZjB1dzlSeW56UzdVSzd0R3Z0YmJ2WFJJdWhCUzMyU2tNdTk5Qml4WllKZG90dWZyNlFWV09Tem4rOXdLdDF5RDBzNDU4cGREaVNPbGp4cnc9PSIsIm1hYyI6IjdiMjg4ZmMyMzFiNWEyNmY5ZTQ3MGVhMGIwOWQ5ZTJhYjQ2MGQ3ZGZhNmQ4YTRhODZiNDRjZTYzNTcxNGQyZjQifQ%3D%3D; bubbstore_checkout=eyJpdiI6ImlwS0JrMkRNU3BUV3ltYnorY3RHcHc9PSIsInZhbHVlIjoiXC90U2dpdUY5Y3p1TkpSNmpEaEdadGEySTNmRGsrQ0tYM1wvWWwwWDJGV0ViVFI2Qks3SEZjejYxRmI1ZkhyTkxXTlJLWmNWNHVKejE5OVY0c3JoRkd6QT09IiwibWFjIjoiNzE3ZGUxMDU4YTYyOGJkODAwNjViNTBmZDcyNDhlNjk2MDM1MThkODE3OWNkYzFlMWUyYWExMzMyMjQxNmM5ZiJ9; digitalmagazine_cart=eyJpdiI6InljWEdId0NhT3BXeFEwNWU2ajNPRVE9PSIsInZhbHVlIjoidlVjM3FwSE9cLzJ3WDZcL1pYUTZqa2VMc29GMm1WRENjS1drUDc5TnA5TmhqQlwvNWNCTVl2WkpyckZRZXhcL2V4Rk0xcUE0Y0VOaGxucEIwXC9HTlwvR2hGZ2c9PSIsIm1hYyI6IjViMWVjZGZhMTBiOTM4ZjNjYjBjMDQxMWYxM2ZjMjRjNDU5OGVhZGUwN2JmNTJkN2FjZmY0NzkwMzVkODU5MzEifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         170.82.173.30
HTTP/2 200 OK
content-type: application/json
                                        
date: Sat, 24 Sep 2022 23:40:21 GMT
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImlIYTJkVUZTbWFWRzlXVzlaNndJR3c9PSIsInZhbHVlIjoiNER5OGx1VzBPODEyQjVFZFNtWWllQUs2ZFwvdEFcL2dHXC9USW9KalwvREJSM1VvWk4xSWk3VXF6bWVSVmRSZzhleFVhdjdnY3drTXRIOHozeTBXK0t2MU9RPT0iLCJtYWMiOiIzYjM4NDBiOTUxMTU0N2Y3ODY2MDNhYWM1ZTUyNjc2YWNhZmZjZjNkZjA4YmM3YmViYzliNDdhMjAyOTU5ZDNmIn0%3D; expires=Sun, 25-Sep-2022 02:40:21 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6Ijk3TGFoSTNucnQrY1RBN0s2czd5dGc9PSIsInZhbHVlIjoiMUF1UDhRb2dwVjBNYlNocUx2VUpVMTNJaWg2R0g5MU9VaGNOanowQnlvMHhPaStnWEI1U085SEJYVmgrNDFaK0tEMWpNZWJZWFhjQUJoV2hGZmVcL0JBPT0iLCJtYWMiOiI1NWViOWEwNjFjYmE0NmU0NjkxNmJjMDk2NzI4MWI0ZmE1ZmIyZTM0MGI1MjAxNTIyNDUyOGE3ZTIxMjk3Yzc2In0%3D; expires=Sun, 25-Sep-2022 02:40:21 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   808
Md5:    bbcff9085a81ddab1259b0ec81b8b984
Sha1:   e64b3308b27302a49fd8a1ce4621759d4d1f6546
Sha256: 75b753602213964c768f466cde7520e44c29e6db9ae19b73ce59d2595dcdff75

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: clk4MGUAxS5BNQmOkZvHJpgt08je4Cm4fLbF/l6dRY7swUQ85X826Ugqhn4A4HVZsyvoOil4x2QkCuyz15OOpQ==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Sat, 24 Sep 2022 23:40:21 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26839
Md5:    9ecd89752214ef749272eef344b9089a
Sha1:   70a58a49c08934265ee34c74efb01d6b3124095d
Sha256: f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 22:41:09 GMT
expires: Sun, 25 Sep 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 3552
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5517
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 23:40:21 GMT
Last-Modified: Sat, 24 Sep 2022 22:08:24 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgn8evdqOlyRyRbWGHr9kVbk8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022092423402112E0D6B0912D473C3D6F
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eeb13ddf03c3df069ef474503f67ac28e74b4d91c1e1ff611e7eb8be4e4dede7413700c3412901138d2a7e4475a0cc635
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=7, origin; dur=399
x-origin-response-time: 399,23.36.79.13
x-akamai-request-id: 4727656a
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340218966E1FEECC85F354069
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e3daf9c15015bd134a40f24f4e1082241614e994bc17c90107371b832cc7e5737a22a068216e04dc2bd99d07083b5d7b4
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=12, cdn-cache; desc=MISS, edge; dur=8, origin; dur=396
x-origin-response-time: 396,23.36.79.13
x-akamai-request-id: 4727656f
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022092423402116E151935544CF37A9BD
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e7c47808476652405a69e7f57404e1871d4b1a9d59a7b56f2b7b55aa2797a0abedaaa72a70d089aa68884e51dbbf3d7c8
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=7, origin; dur=403
x-origin-response-time: 404,23.36.79.13
x-akamai-request-id: 47276575
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340212DDC0FF079DE34398EA8
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eaa63c0d5c2821fa93598224f4412005b28f4f14fd0d8f91d69b9dc607965413d4ceaecc2ee6af1ab5a2ea4bc8e53eb75
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=13, cdn-cache; desc=MISS, edge; dur=7, origin; dur=405
x-origin-response-time: 405,23.36.79.13
x-akamai-request-id: 47276588
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340218020A3A3F5079D439096
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e653aec3ebbe2f88fb30104a3dfa66c85ebfa477fa355944ca2a7d38e65ffc81f4d29655b370bf25ae888098d7a9289a1
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=8, origin; dur=414
x-origin-response-time: 414,23.36.79.13
x-akamai-request-id: 4727657e
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220924234021E2FE9A153505574920A7
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ea278d02bcce6a7c1c6a2ce19064e799660e1ba5c52f6e21a18affd276d693640c6a22537ad2156cd5b0fb6472b546fdc
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=6, origin; dur=406
x-origin-response-time: 406,23.36.79.13
x-akamai-request-id: 4727659e
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1067
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022092423402151C206277DA55F3E12ED
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eeb13ddf03c3df069ef474503f67ac28ebd83f08c30abeabd5924b114c0be210e3392123f73f0da1f9db08ec6c6df546a
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=9, origin; dur=431
x-origin-response-time: 431,23.36.79.13
x-akamai-request-id: 4727658d
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 893
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Cookie: _ttp=2FEgnARXBi4xFiZf4pHuVSLKGmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202209242340212C6304B6F32FFA3AA601
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e8bfda1ffd3249e20294842c3710ff11d9da6d06c9db2bd4faa4f6661fd2e5c22f8204c4ea74f5d4ea373bdc814e93241
expires: Sat, 24 Sep 2022 23:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:21 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=9, origin; dur=430
x-origin-response-time: 430,23.36.79.13
x-akamai-request-id: 47276599
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-45745009-5&cid=2147082534.1664062820&jid=1637994372&gjid=2022297467&_gid=307423205.1664062820&_u=IEDAAAASAAAAAC~&z=1675530279 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.162.156
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://seguro.lojasmagazinedigital.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Sep 2022 23:40:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 23:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /king-assets.yampi.me/dooki/62853f325e349/62853f325e34b.png HTTP/1.1 
Host: s3.sa-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         16.12.1.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: +pAaxYqsPrktVvLOGA4cUt+BvtMMXhrEVw4XX7jf0VAxkoo7MsgaHasUV/s069uNFDXhbWwTjrw=
x-amz-request-id: W7WJYRDKAQCHR16P
Date: Sat, 24 Sep 2022 23:40:22 GMT
Last-Modified: Wed, 18 May 2022 18:47:15 GMT
ETag: "df8d24ed57ef87631718e59aa0e92ea3"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 326260


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   326260
Md5:    df8d24ed57ef87631718e59aa0e92ea3
Sha1:   eec0dfd62b392e317425e49d024924a0fc7d185a
Sha256: 9e477f983d179eaedaefa64e6f4b8e310eee24efa92095f6686b3f64feaa0413
                                        
                                            GET /tr/?id=1779630119052433&ev=PageView&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821892&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=PageView_x00ipzinq&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   171703
Md5:    104f8614f980267f32d90e8269149015
Sha1:   4aa322714370de6d4566a953b4382ad7609945ec
Sha256: 1e8def933334e4bf01126ad7299e0deefd0b78336da9212ec387a8f5c4b6c79f
                                        
                                            GET /tr/?id=1779630119052433&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821902&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=AddPaymentInfo_14eclqxv4&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=940557220191489&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821904&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=AddPaymentInfo_7ur1bqw9j&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=1025528038127175&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821906&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=AddPaymentInfo_064yht2qu&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=2024311724429199&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821907&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=1&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=AddPaymentInfo_onmijcpfr&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=940557220191489&ev=PageView&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821894&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=PageView_x00ipzinq&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   85851
Md5:    7851d6753e143c34a961de11f95b75b0
Sha1:   0449ab62c142fd75f49572b90225492e8f02cae6
Sha256: d5f2a58523f2431f3dd4280278e819aa7055097d7795ddec77f181ba12c888c4
                                        
                                            GET /tr/?id=5022391064533067&ev=PageView&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821900&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=PageView_x00ipzinq&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /e/t HTTP/1.1 
Host: seguro.lojasmagazinedigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImY3MmUyODBhZDAxNGY5NjciLCJ0ciI6IjVjOTkyZGIwZjljNWZjZjU0NjJjNzcwYjI1YjFlOGFiIiwidGkiOjE2NjQwNjI4MTk1MzN9fQ==
traceparent: 00-5c992db0f9c5fcf5462c770b25b1e8ab-f72e280ad014f967-01
tracestate: 2935249@nr=0-1-2935249-1134170823-f72e280ad014f967----1664062819533
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=c5a58e20-3c4c-11ed-bad2-0d3b33431e28
Cookie: XSRF-TOKEN=eyJpdiI6InczWEJVWlJRdW5pMnkwbWpjcU1TUmc9PSIsInZhbHVlIjoicE51SUcrZjB1dzlSeW56UzdVSzd0R3Z0YmJ2WFJJdWhCUzMyU2tNdTk5Qml4WllKZG90dWZyNlFWV09Tem4rOXdLdDF5RDBzNDU4cGREaVNPbGp4cnc9PSIsIm1hYyI6IjdiMjg4ZmMyMzFiNWEyNmY5ZTQ3MGVhMGIwOWQ5ZTJhYjQ2MGQ3ZGZhNmQ4YTRhODZiNDRjZTYzNTcxNGQyZjQifQ%3D%3D; bubbstore_checkout=eyJpdiI6ImlwS0JrMkRNU3BUV3ltYnorY3RHcHc9PSIsInZhbHVlIjoiXC90U2dpdUY5Y3p1TkpSNmpEaEdadGEySTNmRGsrQ0tYM1wvWWwwWDJGV0ViVFI2Qks3SEZjejYxRmI1ZkhyTkxXTlJLWmNWNHVKejE5OVY0c3JoRkd6QT09IiwibWFjIjoiNzE3ZGUxMDU4YTYyOGJkODAwNjViNTBmZDcyNDhlNjk2MDM1MThkODE3OWNkYzFlMWUyYWExMzMyMjQxNmM5ZiJ9; digitalmagazine_cart=eyJpdiI6InljWEdId0NhT3BXeFEwNWU2ajNPRVE9PSIsInZhbHVlIjoidlVjM3FwSE9cLzJ3WDZcL1pYUTZqa2VMc29GMm1WRENjS1drUDc5TnA5TmhqQlwvNWNCTVl2WkpyckZRZXhcL2V4Rk0xcUE0Y0VOaGxucEIwXC9HTlwvR2hGZ2c9PSIsIm1hYyI6IjViMWVjZGZhMTBiOTM4ZjNjYjBjMDQxMWYxM2ZjMjRjNDU5OGVhZGUwN2JmNTJkN2FjZmY0NzkwMzVkODU5MzEifQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sat, 24 Sep 2022 23:40:21 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InZZN1ZlWTFIZCsxTkhwUHNERStMNHc9PSIsInZhbHVlIjoiZjJQQjZUSXQwSXRHWU83SElGZmNLOVk3SVVMdGpwVlE5ZkFidjhPNHhiSE02WUE2bHBTSzdFMmZLbUZrdTdzVkVyMGhNZElVdUt3S0lVS2VuUG1TT1E9PSIsIm1hYyI6IjA1Nzg3ZTkxZjMzMzE4YjJmYjU5ZGRhZjhiZDNhNTQyM2RhYzE3YWY0ZWJiOWVmOTJjNzg2ZWFkMzcyYTc0MTMifQ%3D%3D; expires=Sun, 25-Sep-2022 02:40:21 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IkdwMThZVm9hRlplWXpzamR1TWMrSmc9PSIsInZhbHVlIjoiR0MwZmZtWCtGSlh2bVQ3VXkxXC9wQTlTZGVhZFpsQzN0U0h5dHdtQ1dKTDdFNUJXb3FcL3l1SmlQYU9TOURQOTBBSEhTWndXRVI5NWMzQ3FGeDBScER1Zz09IiwibWFjIjoiZGUzYTVjMmJkNmFkMjg4YTczMWU4MjM1NjVhYTZlYTM2OGFiMGExNjNjZTA0N2IzMDJjMDU2M2VmMjYzZDE0NCJ9; expires=Sun, 25-Sep-2022 02:40:21 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATA1XAAkHHh5UFUMGAgVaBgcOAlAGXQsGUwVWFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /tr/?id=1025528038127175&ev=PageView&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821896&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=PageView_x00ipzinq&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=2024311724429199&ev=PageView&dl=https%3A%2F%2Fseguro.lojasmagazinedigital.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Dc5a58e20-3c4c-11ed-bad2-0d3b33431e28&rl=&if=false&ts=1664062821898&cd[content_ids]=%5B%227857130012896%22%5D&cd[content_type]=product_group&cd[value]=99.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=29&fbp=fb.1.1664062821892.1868820189&it=1664062820493&coo=false&eid=PageView_x00ipzinq&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 23:40:23 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sat, 24 Sep 2022 23:40:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1683-BMA
x-cache: HIT
x-cache-hits: 1333
x-timer: S1664062823.354434,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            GET /i18n/pixel/events.js?sdkid=CCMCQHBC77U2DQ2A81JG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022092423402021C6F0E0C5BD706E092D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ec3db44b6bf79a97e31df778cfe9b3b67508a9215d44db515dff21e1139da270277b863e15d8efe40337002ac5d7f68a1
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=102
x-origin-response-time: 102,23.36.79.13
x-akamai-request-id: 472762c2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   57542
Md5:    95de2632d30a89546a15f98eb13b9b24
Sha1:   b00bd530d37e694e6f886c86519b9ecdce278fad
Sha256: 4d18985acfa98e1d63518abcfa497a809a977c37640107f3a836399b714d87c3
                                        
                                            GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=7140&ck=1&ref=https://seguro.lojasmagazinedigital.com/checkout/payment&ap=176&be=3691&fe=7056&dc=4533&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664062814977,%22n%22:0,%22f%22:2858,%22dn%22:2858,%22dne%22:2858,%22c%22:2858,%22s%22:2858,%22ce%22:2858,%22rq%22:2860,%22rp%22:3668,%22rpe%22:3668,%22dl%22:3676,%22di%22:4530,%22ds%22:4532,%22de%22:4627,%22dc%22:7055,%22l%22:7055,%22le%22:7058%7D,%22navigation%22:%7B%7D%7D&fcp=4409&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sat, 24 Sep 2022 23:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ff5d664e3f0b45-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=36919a4d26c9056e; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=7474&ck=1&ref=https://seguro.lojasmagazinedigital.com/checkout/payment HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 617
Origin: https://seguro.lojasmagazinedigital.com
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 24 Sep 2022 23:40:23 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 74ff5d683f580b45-OSL
Access-Control-Allow-Origin: https://seguro.lojasmagazinedigital.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            GET /svg/card-mastercard.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.149.218
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5b3"
expires: Sat, 24 Sep 2022 22:26:13 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 0806:B85F:1B57AC3:1C37171:632E163E
via: 1.1 varnish
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663964735.866228,VS0,VE189
vary: Accept-Encoding
x-fastly-request-id: a75574c12ed1c2655df1b723e6ed59a44d72e3a5
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhEfYw6vzjGuWPgm%2FKsz0MzCCCnXjHTb%2BtWIbvZfMrPsBfaGnPiGZKp6q9hTGLRLyAi5NX6u%2FthUzIPoepEJHbpTYvowtpiSdD%2FIaatw5mMq%2Fc7Jbt2PPUDfYZEImOVS6GZdHyOUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d51aa4c1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cart?cart_token=shopify-4e79f8e5a2aae230cea1227f70de940e&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=c465959b50f562ffa73453f817b030733f866d64&customerToken=c5a58e20-3c4c-11ed-bad2-0d3b33431e28 HTTP/1.1 
Host: seguro.lojasmagazinedigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         170.82.173.30
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Sat, 24 Sep 2022 23:40:18 GMT
location: https://seguro.lojasmagazinedigital.com/checkout/payment?cart_token=shopify-4e79f8e5a2aae230cea1227f70de940e&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=c465959b50f562ffa73453f817b030733f866d64&customerToken=c5a58e20-3c4c-11ed-bad2-0d3b33431e28
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im1WVnVKYzFVTnJSWUxmOHFCYUtSYUE9PSIsInZhbHVlIjoiV2FYUGZSaDNvMDFCXC9wNWJBbEs3VXZIZGo4UWtZK1ByS0pYU3E1cnhtQ283VDBLV2dnUHNtcDU2cjhXcXUyVHFnZ09hYUR1VEx1ak5vekVVMXV3UlpnPT0iLCJtYWMiOiJmM2IyMzVhZjAwZjI0ZDgwMDVmNDk5M2M2ZGI1YTJmMGVkM2Q2ZjNmMmU4N2M1ZWJmN2I3MTNhYzg3NTNhZTBiIn0%3D; expires=Sun, 25-Sep-2022 02:40:18 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IjhONTJIczBuTHhTNVRLVk00OWd2SHc9PSIsInZhbHVlIjoiQTdNV1BudHYzZHNDMnpZR3VaZE5UMzJPdkxGTkpGUlpMczBXaWoyc1FQY2hCcm1DbE1DSWg2Wk9EM1p4elVyWDZ1OUFxaEdPOEw5ZFpMRGNZRklyRUE9PSIsIm1hYyI6ImExMzNkMGRiNzBjMTJjZWY1NGRiZWFjNmM0NGY2NmY1NTFiNWYyOWViYTVmNmNiOThjMTY4MmQ0MzE0YzMxY2QifQ%3D%3D; expires=Sun, 25-Sep-2022 02:40:18 GMT; Max-Age=10800; path=/; httponly digitalmagazine_cart=eyJpdiI6InljWEdId0NhT3BXeFEwNWU2ajNPRVE9PSIsInZhbHVlIjoidlVjM3FwSE9cLzJ3WDZcL1pYUTZqa2VMc29GMm1WRENjS1drUDc5TnA5TmhqQlwvNWNCTVl2WkpyckZRZXhcL2V4Rk0xcUE0Y0VOaGxucEIwXC9HTlwvR2hGZ2c9PSIsIm1hYyI6IjViMWVjZGZhMTBiOTM4ZjNjYjBjMDQxMWYxM2ZjMjRjNDU5OGVhZGUwN2JmNTJkN2FjZmY0NzkwMzVkODU5MzEifQ%3D%3D; expires=Thu, 29-Sep-2022 23:40:18 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-hipercard.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.149.218
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-54bc"
expires: Sat, 24 Sep 2022 22:26:13 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 1F7C:4FA9:A2485E:A7FA72:631CED48
via: 1.1 varnish
x-served-by: cache-bma1680-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662840137.860379,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 5a9873bf3e3be401e007339ec8459d7c1527e216
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwEYuaB4wqw53sx16BuByLLuf6lxR8xelk874RbJRzDmoRF7l3PhpeCDOGPCY9S4QnvO%2FC0ngNMgYFl2dP9eeylmoX3UYZJK4SVjl5SrlL0EQpFRS%2B2%2BlpVTGiEKB6l%2FEXOmrREH1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d51aa4d1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-aura.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.149.218
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-111a"
expires: Sat, 24 Sep 2022 22:26:13 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: B422:11A5A:557696:58A091:632E999D
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663998366.957191,VS0,VE112
vary: Accept-Encoding
x-fastly-request-id: e9447ce22297c9d72dbc2e3ccf55aaf3fd8e3101
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3vwg3ZZrNkquhHZMO8XUDs65FE88lHrZ0i8vNRQAX1cZwoo27gobfO8FbVGKb6qy%2FvuTlhUZ2jzgVCbkBpJWWksdLV45LjqWLj%2BFMWeB%2FeG8kIEG147FI8mn07PUQIQj%2F2Bdwmxlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d51aa4f1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/build/mix/assets/css/app.css?id=7364aba5f3dee28d2e44945e07923648 HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.2.88
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-amz-id-2: Qj7EbVaOzs8MNzFSFYu+F7Fau6uHOEiS63He5IgdSms8LkdReTd0C8kmdRiJVRtdn4WnzUqXD+w=
x-amz-request-id: E1MMEP58KEDKHX8J
last-modified: Fri, 16 Sep 2022 12:44:10 GMT
x-amz-version-id: tDzvH5UD3dj0x1ZKqkC6HAxsINUfeKtz
etag: W/"7364aba5f3dee28d2e44945e07923648"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwWASNjt4ooHudy5MtWogWE3Ljd3vfyrbVJSME03MoeMZDo1ToOIFzwUkB13u8zdpq%2F%2BnluzNS8FobSs%2BqCAao%2FtUQ6PI2Bzyo0Y0dEewfDN4Qw4owDlUvSODPK6yRL8fmmORD7JqhzX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ff5d512c11b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/build/mix/assets/js/app.js?id=3fe06e3b4774e1e22f744c5b2a2ca9cd HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.2.88
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-amz-id-2: 49aS28FBIXTkl4bKE9+ha7pacAkt3+NPapOS5vMqPTKi5sJ2v0MBnHg6Lcnqo/fcOUnIIah3z3c=
x-amz-request-id: 5RVP5GJAWC4BBHRT
last-modified: Fri, 16 Sep 2022 12:44:10 GMT
x-amz-version-id: RKgRxk_0tWs0Zu8xEYsEG4VN1R862O0o
etag: W/"20baf997b7e31a089f0a9544550cf45a"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXoHnGj1zeTtY0jL6JICzkkg8y8bGAd9OigoUz5J9jbKKNGxeYXa7haDdGOM7WgPWGZtiCGAjtiEZAbBVYVHfjxIbM4UIPnWoBTPR67qQUlBA9gogwqoe8GSDSZG6x16k0StUpUdnfjB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ff5d514c2bb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CCMAR9JC77UB4C8P4BM0&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202209242340206D8D3DE3EB6846365315
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455ec9c12077efddded96852c831631f0cccba77b780868f34f803ab61a42f2fb45022f8028afcf6a1522d1fccfe0a8f6383
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=103
x-origin-response-time: 103,23.36.79.13
x-akamai-request-id: 4727629e
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CCMDDL3C77UEI4U7VNDG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20220924234020F8185AB0D53F37638060
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eb8fcdd59b18318910e83f925f2d50ec8b600b0ee08e95d60b01932959763ddaa277e118d4a6ddd27e88aa66fa9fe3a7f
content-encoding: gzip
expires: Sat, 24 Sep 2022 23:40:20 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Sep 2022 23:40:20 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=105
x-origin-response-time: 105,23.36.79.13
x-akamai-request-id: 472762a5
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1vfk0d0oywlc8 HTTP/1.1 
Host: linkcurto.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.81.61
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Sat, 24 Sep 2022 23:40:17 GMT
location: https://seguro.lojasmagazinedigital.com/cart?cart_token=shopify-4e79f8e5a2aae230cea1227f70de940e&utm_source=SMS&utm_campaign=Carrinho Abandonado 1&forceCheckout=1&skipToCheckout=1&store_token=c465959b50f562ffa73453f817b030733f866d64&customerToken=c5a58e20-3c4c-11ed-bad2-0d3b33431e28
set-cookie: XSRF-TOKEN=eyJpdiI6IldmZXNlNDFod0NzbGNuUVduVlA0TVE9PSIsInZhbHVlIjoiRjVNRHdKVG1Xamp2MmFUQlQ1cEhwc1JRcFZiVUhGUFhBa1FCOHlvTjcwSjJpYUlyL3dPaVMwZDlWN1JlakIxVWViTWxWbnFMazVlN0ErRDFncjNSRGp2cEpoVWt0K2NXMkxOVm5JQm5iaStkOVlCUjY1WGpXczI5Smc3L3lRek0iLCJtYWMiOiI4NWQ4ODI4NmVlYjAyYTk0OTA2ODhhMmQzNjIyNWNlMzQ1ZjFjOTZmNDMzZjcxZDRmZTU1MDI2ZjEzYjJlZDY4In0%3D; expires=Sun, 25-Sep-2022 01:40:16 GMT; Max-Age=7200; path=/; samesite=lax linkcurto_session=eyJpdiI6IlIrRG9MTkRyT3NYTGlqMCtjRWRadFE9PSIsInZhbHVlIjoiMmpaMDUzRFdQWld0UnBoczZpVUhHWnNqK2xtZSsxMGpTblNCaDFaWk1GSlFLclNkZWdQQ1VIaVJFa0VKbUNTOTlOMytKWWtXa3JXQXRVMXlHTThlOFpmbW01VnczUG1qTW1qdEJZTzdRNk5RQzJFYXJSOHRIQ3ZiYVpnQlVKcWEiLCJtYWMiOiJjMWI1NDkwZWUyYzU1Y2Q3ZmNlODNiODJjMTljNDcxNmU3MDkwODYwZGU3YWY0OGYzOWFjNmE2Yjk3NzBlODA3In0%3D; expires=Sun, 25-Sep-2022 01:40:16 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FQ5cZlqyVwboJDmz%2BiHuHDEhhwIbrbLhaDqd4pIcRty4jxjL6ui0OUKLgo9EiVqyoxcPBRYIcCUcSvlEActrdiqyf7o147RMDBlt5qApwnfPo4TZ0LlCxw3b48PD7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d3b3ce7b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-visa.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.149.218
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-1288"
expires: Sat, 24 Sep 2022 22:26:13 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 080F:BA4A:C12DCF:C7B63A:631CED48
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662840137.862588,VS0,VE111
vary: Accept-Encoding
x-fastly-request-id: bc9167c4d57cb1243a401a61289361b6ca04bef8
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCJc%2B1qBGBVvwR1fI9zVk3WGq%2BQWgQmUgvqRV1Bisqfn0aiYi9uZB2skOYwnYy9dqJ4YS245jzD%2F9gN5j1kzZA0lLC9t%2FWjq23iZRLOeB9E%2FpkIBnvVpLc26ts1z%2FHOO8NrATO9Jow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d51aa501c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jquery/jquery.js HTTP/1.1 
Host: cdn.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.2.88
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-amz-id-2: 7gxTttBd/kCkn0bd/hyRfHdpqJ9gzq8f1yoBkZ3x5D4QwamXpqfrXGunCOTo8cwqgRppri0a9Bk=
x-amz-request-id: 98FT7W7KHGHEXVPW
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tGfCXACDLxt9UrF3Bi4181ThNmeRj22QfVUGTYmaFtBaE%2F2zCzLMCJAdjAN%2FEkRmZBU4ZGOPt11zJ%2B25iQFnteqRNLAEVFEFr1XGmhPoeSCCthvYbQCYJMLBV7wvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ff5d515c32b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fa/4.7.0/fa.css HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.0.53
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
expires: Sun, 02 Oct 2022 23:40:20 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ff5d522d520b3d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-discover.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.149.218
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-f89"
expires: Sat, 24 Sep 2022 22:26:13 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 1014:0A90:4B789E:D04ADA:629E764A
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1654556035.983946,VS0,VE101
vary: Accept-Encoding
x-fastly-request-id: d0464c181bd44a3b4ddea5e69abcb252f448f82a
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKt98v%2F3EWOORncfFaTZFPw5xi7ULA%2Bz1%2BZKGppK5HMrIJU9oV3y01mQZS42HE1Nbg4aUR0fk5I7VX0SRIQHHCxmSXpRBErfgPESVFAYTWCC8IaF29WWa2TByQLrAHEsV12v7XkwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d51aa4b1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-amex.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.lojasmagazinedigital.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.149.218
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 24 Sep 2022 23:40:20 GMT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5f3"
expires: Sat, 24 Sep 2022 22:26:13 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 5EA6:132CD:1652233:17113BE:632E163E
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663964735.864231,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 6d985dfbefad384748332539c39d62a9c358f376
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLhg343mUglnu3E7rZdoy6aLsHzZkdW1jguX7mqKhE%2FhKfrbqxb94dZ%2BpFhwoUkkaDAH0kJUMbI00%2FTp1fo1xKRCPH7tVM46Lc5xP2%2Fi%2Ff8U4PMKZzzpwTo5ylWD%2FlEKA4CJPA4u8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ff5d51aa4a1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---