r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12871
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 16:10:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11330
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 16:10:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 15:43:31 GMT
content-type: application/json
age: 1640
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4923
Expires: Thu, 02 Feb 2023 17:32:54 GMT
Date: Thu, 02 Feb 2023 16:10:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q9uRIi9beeMoyY3gS/O2q0kau74U/9gwk7ZUBppZjyKaS2E6R7ZxgS5rVl/Bq7gp+/Fk+FIYTQdcJEpml+Kz/g==
x-amz-request-id: KPAM3BF9ZBKF37GY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 15:23:09 GMT
age: 2862
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:10:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 15:49:05 GMT
age: 1306
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15664
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 16:10:51 GMT
Connection: keep-alive
seguro.king-ofertas.shop/checkout/payment?cart_token=55f89174-a2c9-11ed-9495-023670863dd2-63db6301452bd&utm_source=fbluc&utm_campaign=sms+carrinho+abandonado+1&forcecheckout=1&skiptocheckout=1&store_token=17ec24335a30c15dcade9e4703e497f4d7bcff42&customertoken=956d2520-a2c9-11ed-a80e-b1e80a591086&promocode=2905
170.82.174.30301 Moved Permanently 134 B URL HTTP/1.1 seguro.king-ofertas.shop/checkout/payment?cart_token=55f89174-a2c9-11ed-9495-023670863dd2-63db6301452bd&utm_source=fbluc&utm_campaign=sms+carrinho+abandonado+1&forcecheckout=1&skiptocheckout=1&store_token=17ec24335a30c15dcade9e4703e497f4d7bcff42&customertoken=956d2520-a2c9-11ed-a80e-b1e80a591086&promocode=2905
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /checkout/payment?cart_token=55f89174-a2c9-11ed-9495-023670863dd2-63db6301452bd&utm_source=fbluc&utm_campaign=sms+carrinho+abandonado+1&forcecheckout=1&skiptocheckout=1&store_token=17ec24335a30c15dcade9e4703e497f4d7bcff42&customertoken=956d2520-a2c9-11ed-a80e-b1e80a591086&promocode=2905 HTTP/1.1
Host: seguro.king-ofertas.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 16:10:51 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.king-ofertas.shop:443/checkout/payment?cart_token=55f89174-a2c9-11ed-9495-023670863dd2-63db6301452bd&utm_source=fbluc&utm_campaign=sms+carrinho+abandonado+1&forcecheckout=1&skiptocheckout=1&store_token=17ec24335a30c15dcade9e4703e497f4d7bcff42&customertoken=956d2520-a2c9-11ed-a80e-b1e80a591086&promocode=2905
X-GoCache-CacheStatus: BYPASS
Server: gocache
push.services.mozilla.com/
35.81.158.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.158.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9I9JKc9z67PTRjRmrpnnjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qtLYTO+WkNSEoKZJJj0zGO8lcJ0=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 962ea6bb279ed5e8bb1b8b0df2882c7f
25d0bb140e68967ca8033b3c45790d679c661a79
a8c93d1f88d82f2523d42ede10e46c5049d4351c206b580fd436d53d5f8e0899
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8C93D1F88D82F2523D42EDE10E46C5049D4351C206B580FD436D53D5F8E0899"
Last-Modified: Tue, 31 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21528
Expires: Thu, 02 Feb 2023 22:09:40 GMT
Date: Thu, 02 Feb 2023 16:10:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15626
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 16:10:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15626
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 16:10:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15626
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 16:10:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15626
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 16:10:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 31336
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: a266acae-8f1e-4cd7-b93b-e40aa5393521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUpGcmoAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1d-1fbae7785fccc58f71c1b3e9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PevXZz9rkBo3Cy6EooCVOpSoHyeKHMoYFjKRrvDld34WFWXzOmpANQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:11:31 GMT
age: 64762
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 66267
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 64318
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 64330
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 63942
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
216.58.207.228200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
IP 216.58.207.228:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 9209866a4051c1a5a169b9f6ca2d5d69
c1561a92f66c11e4fef89fd3fd359bbda76a304a
f0a5a0f1ce8b494947bf336db830d604be27826ce7961f5118b352d9718ff188
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 02 Feb 2023 16:10:53 GMT
date: Thu, 02 Feb 2023 16:10:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-N6QHJQM
142.250.74.78200 OK 43 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-N6QHJQM
IP 142.250.74.78:0
File type ASCII text, with very long lines (1759)
Hash e5287c756e1d64d9e148cf20743f1d75
1ffb7215ba1b1cfaaf732673291cebc74f6e7f9b
5bce0dc5d724f506511c3bb3191cf655a76acd3bad3e4380c5dad5ff77b04f61
GET /optimize.js?id=OPT-N6QHJQM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 16:10:53 GMT
expires: Thu, 02 Feb 2023 16:10:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6affadd93149a716fb80dc82e262b04
377de736abf271acf3879558d77a4f6d66d24ad9
bc8dc132b76a38315f8626a734a42ceeeda5aad1434d460292604ddd9cc06b4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130058
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Etag: "63db3997-117"
Expires: Sat, 04 Feb 2023 04:18:31 GMT
Last-Modified: Thu, 02 Feb 2023 04:18:31 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6affadd93149a716fb80dc82e262b04
377de736abf271acf3879558d77a4f6d66d24ad9
bc8dc132b76a38315f8626a734a42ceeeda5aad1434d460292604ddd9cc06b4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Etag: "63db3997-117"
Server: ECS (amb/6B9D)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6affadd93149a716fb80dc82e262b04
377de736abf271acf3879558d77a4f6d66d24ad9
bc8dc132b76a38315f8626a734a42ceeeda5aad1434d460292604ddd9cc06b4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Etag: "63db3997-117"
Server: ECS (amb/6B9C)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6affadd93149a716fb80dc82e262b04
377de736abf271acf3879558d77a4f6d66d24ad9
bc8dc132b76a38315f8626a734a42ceeeda5aad1434d460292604ddd9cc06b4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130058
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Etag: "63db3997-117"
Expires: Sat, 04 Feb 2023 04:18:32 GMT
Last-Modified: Thu, 02 Feb 2023 04:18:31 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6affadd93149a716fb80dc82e262b04
377de736abf271acf3879558d77a4f6d66d24ad9
bc8dc132b76a38315f8626a734a42ceeeda5aad1434d460292604ddd9cc06b4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:54 GMT
Etag: "63db3997-117"
Last-Modified: Thu, 02 Feb 2023 16:10:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6affadd93149a716fb80dc82e262b04
377de736abf271acf3879558d77a4f6d66d24ad9
bc8dc132b76a38315f8626a734a42ceeeda5aad1434d460292604ddd9cc06b4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:53 GMT
Etag: "63db3997-117"
Server: ECS (amb/6B89)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e2cd9c2d3c373b2c49b9cbe46344f24f
f92c69c24eb31c3c40312947256b64258422b1ab
59d2252221bc2becf98635f8a1b7cbc889f949730837690232fe5c83119786a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:54 GMT
Etag: "63da8174-117"
Server: ECS (amb/6B85)
Content-Length: 280
icons.yampi.me/svg/card-hiper.svg
104.26.2.88200 OK 4.1 kB URL HTTP/2 icons.yampi.me/svg/card-hiper.svg
IP 104.26.2.88:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2576)
Hash 4607af96b04d77e0aef9ea3331f545ad
7ab32992910f630ce42c12dfc443f81f9869eac4
a736149a096bed9e070c90e83b578cf9f65b1256876380a19582ab4fc7be42b1
GET /svg/card-hiper.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-2392"
expires: Thu, 02 Feb 2023 14:45:32 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 7B2A:CD1B:1CB68BB:1DE8DD6:63C6BB35
via: 1.1 varnish
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673968439.472357,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: ed80b256eeff30283c3edd11dab667bab3cb4003
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEM4eZza%2FgxrJFXHG6xF3G%2Bimb6LmiBzsPvIkwPejZWVfhiVA9edPDVzgJ0xQIlSqJzQnVn24WcCo4LH8Pbuwx%2BgSovQgoPl%2Fnp4vkY%2BczuMz23PiAkih7jigQ%2FKFLDo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dc70b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=8b7536cdfd4408a4b16bbd105453ab04
104.26.2.88200 OK 89 kB URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=8b7536cdfd4408a4b16bbd105453ab04
IP 104.26.2.88:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 16e2884d6792fc773e501547c45b1b5d
711b9ef40d14d4cf661281b3062a17614d774abe
f794f52554e5f3054d16f036f795905b595f416204b8a7c1e674975ea8239fbf
GET /checkout/build/mix/assets/js/app.js?id=8b7536cdfd4408a4b16bbd105453ab04 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: application/javascript
x-amz-id-2: H6wc1KJ0l7vY6nHfuqoQ7NhT/dUOZiEYJ2bf0dEmwZibsjmsrrJWZS00OtTSdIrO93b8qeaXqDs=
x-amz-request-id: CBDE1ERD0EWS8EHD
last-modified: Mon, 30 Jan 2023 17:14:01 GMT
x-amz-version-id: .PJTNmukiGo4sVi.cB2in6eHA0WVFZtD
etag: W/"d294d7e1e0f31ad881021de44009ab13"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWuStyeZQObz6SW1ZNOKy1H6ry%2BWXavpIf%2B97Qpc6D38VNMERpgODwqNv%2FqzzACOMOJvgd3fkMq%2Bpa6eHW9NDgBIw6hE7%2B1JfKRmulbs3y8pXD03pVS3rRQ%2B9IHZtFUCpucsBV7Cz5vE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79343317de160b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
142.250.74.163200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 34112, version 1.0\012- data
Hash c21e7acd53a6d80fa451f1af92d9a492
4096e12b96fa2549e4f169044a49b6ec60214008
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.king-ofertas.shop
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:20:23 GMT
expires: Sun, 28 Jan 2024 10:20:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
content-type: font/woff2
age: 453031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-mastercard.svg
104.26.2.88200 OK 1.0 kB URL HTTP/2 icons.yampi.me/svg/card-mastercard.svg
IP 104.26.2.88:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352)
Hash 0a2532ddc698ac88bcc136965bcad381
e8551f8e012288a332886c2d55ce1085da0b068d
50787699ce846347041fc045322c0062df3584dded7cbafaee9322ea8f7c1447
GET /svg/card-mastercard.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-5b3"
expires: Thu, 02 Feb 2023 15:46:57 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 30C0:BCB5:2ADEB9:2D35B1:63D368F9
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674802871.180191,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 0668a50893fe346890020f1792fd57b6c424487a
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYSZoAvrFin4rkbTL%2B1KsWkVqWO8qShvln9Ibrdqc5O5cRykNGXCID6ci9As3xHrAWNDVakhKcbEJH9Lkbb0rVABICmTUulidAk6NrsFHwslkyivANWiX2kOHXZWWNRu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433179dcc0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4951e2b78ae64a92de00aceb20094b34
5c3c9cfef41cf1febc96d21a58002ebcc40ead15
b82abc9f44944cca72c963b911690627954d5d1bf89f9d8b0d530265766004a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=166056
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:54 GMT
Etag: "63dbc636-117"
Expires: Sat, 04 Feb 2023 14:18:30 GMT
Last-Modified: Thu, 02 Feb 2023 14:18:30 GMT
Server: nginx
Content-Length: 279
cdn.yampi.io/ana/ana.min.js?t=1675382400000
104.18.15.227200 OK 3.1 kB URL HTTP/2 cdn.yampi.io/ana/ana.min.js?t=1675382400000
IP 104.18.15.227:0
Hash 1adddfe9c3d3d928776dddc6d076a02c
a7055bdd57f7484d2d93392276d537309144b922
9f72a3169e8bae3e268e627d9dacf1c9681fc986336ea2ac2dfee587c95492a5
GET /ana/ana.min.js?t=1675382400000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: application/javascript
x-amz-id-2: WWkVOixX0x+x3KXP/Vq1pYdeZLjSJcJLKXKViH2l2S4wzCJ0DawMNBK02hwCa4LtjzWER2k1SkA=
x-amz-request-id: 8967JB12TSRFY2GR
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
expires: Fri, 02 Feb 2024 16:10:54 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934331bae170b55-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6510
Cache-Control: max-age=97329
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:55 GMT
Etag: "63daa052-1d7"
Expires: Fri, 03 Feb 2023 19:13:04 GMT
Last-Modified: Wed, 01 Feb 2023 17:24:34 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 15:44:08 GMT
expires: Thu, 02 Feb 2023 17:44:08 GMT
cache-control: public, max-age=7200
age: 1607
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.211.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.king-ofertas.shop
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 255681
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
seguro.king-ofertas.shop/cart/recomm
170.82.173.30200 OK 28 kB URL HTTP/2 seguro.king-ofertas.shop/cart/recomm
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63730)
Hash aa7c8ea180357abc8c4bd16fb63597b3
ed2abb8e9212fe4a6b5a931b64b1ed9eacd23069
a428e4504470a3bf764647b9e032234ea807f4ba65e190f16da6cb5545f04ac4
Analyzer Verdict Alert fortinet Phishing
GET /cart/recomm HTTP/1.1
Host: seguro.king-ofertas.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/auth/login
Cookie: XSRF-TOKEN=eyJpdiI6IlZlR3drS3YyaExHaERaN0ZpYnZxbnc9PSIsInZhbHVlIjoiTzRTdEdWRk1IYUdYVFJQaHFBbVdxVVdlTWRRRzFnSXpcL0thdlQ3M3N0VmgzMzlNeGQrR0FQcmhnSURHdUZqZU1odFplVnZRV1lwMHRSRlV3V2hXOU93PT0iLCJtYWMiOiIyMjk5MmU4NjBjMzgwYmE0ZjNhMTNmMjE3YmYxMzRiNzg2Mjc2NzdkNGRhMDQ3NTczNTM3YWVmOTMwNDljMmExIn0%3D; bubbstore_checkout=eyJpdiI6Im1WblZCOFhWdFk1OXdpVjNnYjRGK3c9PSIsInZhbHVlIjoibFI4aFRWdE4rNThKRjR5bkswZ2xNWitCbXhWU2hkMFhtWjQ1U0ptU200UkdBOU41cWZLQlVpZUQxSUFrdytJRFNjNExiN01Ld1BqTW5SZzZOeWtXXC9BPT0iLCJtYWMiOiI5MjJhMGU3M2RlOTg3YzVhZDMxMzhmNTRkYWFlOTM0NTA5NDMwM2FkN2JjN2VjOTRlYTdhZGU3OTk3MjdkNzc3In0%3D; bertolini_cart=eyJpdiI6IlE0R3lwQnBTNFdLSUpVTXg0amR5Q0E9PSIsInZhbHVlIjoiSUVkeEdqTEV2WGlpZXhJQmdFSVBwV0IwNGNKNHdnSUN3aUpiXC91ZWNCQ1FzWTBmZUFEWjlnQ3JLcmxkWWlLRldvZkdBSk5NendvWXRpK3Q2dXo1NHpBPT0iLCJtYWMiOiI3NTg3ZDEyNzg2ZDg0N2FiMzc3MWFhMDVkYzBhZWM2YjU0ZTViMDJhZDQwMzdhZTUyMDA5MTRhZWJkNWYxNDFlIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:55 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlRMbWFUMld6SEpmbFhsVUZTc3pJVmc9PSIsInZhbHVlIjoiR1owUUJFZUpvV2szVU5EaExrRGdsNE1VVEdaYWt3RlU2T0x4a0JucjhtelRwUHhWUnBWNlBibVh6dXU4XC9XYXB1ZzY5cmRXV25pUTl5XC9FTzJtWkZuZz09IiwibWFjIjoiNzAyYTQ4MjRhZjAyOTg3M2FjN2RmZWQwYTJiYjViNDc2NTI5MDdiNzgzZjQ0YmNjNTMxM2JlNWJiZGU5NjhkZSJ9; expires=Thu, 02-Feb-2023 19:10:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjBBOVBBWkl2MDNlaDBaVEh4RFwvbFRnPT0iLCJ2YWx1ZSI6IjhmS2dGZVdXQzQ3OURiajZpbGpPeWdYSUkxY3o4aFZHNzMrcVRLZndoWEVFQXgrbjduVEFsOFBRSlRJXC9sVk8reUZYQkxNZjU2c0NVZEs0NVFZekFQQT09IiwibWFjIjoiMTkyY2MxODAzMTJmMTkxODI1ZjQwNWQ0MDUxZDk5NTgyZjgxYzBjZDA2MDIwMjhkZmVlYjFiYjlkNzg4ZGNmNyJ9; expires=Thu, 02-Feb-2023 19:10:55 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6510
Cache-Control: max-age=97329
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:55 GMT
Etag: "63daa052-1d7"
Expires: Fri, 03 Feb 2023 19:13:04 GMT
Last-Modified: Wed, 01 Feb 2023 17:24:34 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 8665e233ef6caaf010ca89793f27b6f8
5c593fa5f33e55b3081308b43e6e801b56c047f7
435a3ca7c1c49cbfac193647d056e46217e5c3f9c65c354974ad7acdfb8925ac
GET /box-2722367854ce9702c28ea74c51e2a23f.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "8665e233ef6caaf010ca89793f27b6f8"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _vPskrtAS-X766qWbNE3Q3gs9CIuJIaiOyMBTB0t9_tSYj4pYTNB_w==
age: 259489
X-Firefox-Spdy: h2
script.hotjar.com/modules.4b160a4831adaf5337e6.js
54.230.111.79200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.4b160a4831adaf5337e6.js
IP 54.230.111.79:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 3315b6999637291711ab85ba678211fa
d1bba723aa49e6276dfdb0f1313a9bf0b64be153
b3bd4f702044ae91c9227ce2d5c8411d3fec3abb82c9c1b7a9b69d2011c520e5
GET /modules.4b160a4831adaf5337e6.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68316
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3315b6999637291711ab85ba678211fa"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AARXkebnKFQKZiqLx7yBMSkORFXLbXVMuiOdu3QWbZtm1GT576z24g==
age: 259489
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/639b2a0ed5374/639b2a0ed537a.png
52.95.163.84200 OK 265 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/639b2a0ed5374/639b2a0ed537a.png
IP 52.95.163.84:0
File type PNG image data, 4096 x 1067, 8-bit/color RGBA, non-interlaced\012- data
Size 265 kB (265047 bytes)
Hash 6a6087902c1670b5c75ff4ce2afb460d
22d2f5ebf8170b75c7d9ae551373ac2946585f95
79595b1ae3313cc2db5165d413c5c99e042cdb3129ff6e1d69814d489987b96a
GET /king-assets.yampi.me/dooki/639b2a0ed5374/639b2a0ed537a.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Z2JAdb7575j0XJbuo45G85UR3HHfCMBqrTJ3bnIPPIfm91FrDxht/dNP1Ql3fCBClJt3XjXeqNY=
x-amz-request-id: 6RTP7PPY8F5C39N5
Date: Thu, 02 Feb 2023 16:10:55 GMT
Last-Modified: Thu, 15 Dec 2022 14:07:11 GMT
ETag: "6a6087902c1670b5c75ff4ce2afb460d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 265047
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-45745009-5&cid=933832553.1675354282&jid=1967235240&gjid=1282749387&_gid=1553189050.1675354282&_u=IEDAAAASAAAAAC~&z=577420025
64.233.162.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-45745009-5&cid=933832553.1675354282&jid=1967235240&gjid=1282749387&_gid=1553189050.1675354282&_u=IEDAAAASAAAAAC~&z=577420025
IP 64.233.162.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-45745009-5&cid=933832553.1675354282&jid=1967235240&gjid=1282749387&_gid=1553189050.1675354282&_u=IEDAAAASAAAAAC~&z=577420025 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.king-ofertas.shop
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.king-ofertas.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 16:10:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:10:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/638fb489697bd/638fb489697bf.png
52.95.163.84200 OK 51 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/638fb489697bd/638fb489697bf.png
IP 52.95.163.84:0
File type PNG image data, 512 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash 6843c99372d6c2b3955352cabcfd07ad
71d74374d4e8080dddfc2157b264fb186bd14c64
84af53d7f57d5c513ccca5cb1271476676bab6f082c123b84fd601ca26bd35f4
GET /king-assets.yampi.me/dooki/638fb489697bd/638fb489697bf.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VENTvJ+Acg1roYIPglMVFf0tXMvh1MyOZxyfh6OThwSUfX49JFkIwdjmJ4ygzpvn/7ZQM/LF3y0=
x-amz-request-id: HSTFP58NPY85R86W
Date: Thu, 02 Feb 2023 16:10:57 GMT
Last-Modified: Tue, 06 Dec 2022 21:30:50 GMT
ETag: "6843c99372d6c2b3955352cabcfd07ad"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 51284
seguro.king-ofertas.shop/checkout/payment?cart_token=55f89174-a2c9-11ed-9495-023670863dd2-63db6301452bd&utm_source=fbluc&utm_campaign=sms+carrinho+abandonado+1&forcecheckout=1&skiptocheckout=1&store_token=17ec24335a30c15dcade9e4703e497f4d7bcff42&customertoken=956d2520-a2c9-11ed-a80e-b1e80a591086&promocode=2905
170.82.173.30302 Found 0 B URL HTTP/2 seguro.king-ofertas.shop/checkout/payment?cart_token=55f89174-a2c9-11ed-9495-023670863dd2-63db6301452bd&utm_source=fbluc&utm_campaign=sms+carrinho+abandonado+1&forcecheckout=1&skiptocheckout=1&store_token=17ec24335a30c15dcade9e4703e497f4d7bcff42&customertoken=956d2520-a2c9-11ed-a80e-b1e80a591086&promocode=2905
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
GET /checkout/payment?cart_token=55f89174-a2c9-11ed-9495-023670863dd2-63db6301452bd&utm_source=fbluc&utm_campaign=sms+carrinho+abandonado+1&forcecheckout=1&skiptocheckout=1&store_token=17ec24335a30c15dcade9e4703e497f4d7bcff42&customertoken=956d2520-a2c9-11ed-a80e-b1e80a591086&promocode=2905 HTTP/1.1
Host: seguro.king-ofertas.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:10:52 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.king-ofertas.shop/auth/login
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IklzVlliSTVIaXFNbFpIQVVyRW45MHc9PSIsInZhbHVlIjoiMXBCK1R5ME5DemVCZkN1blBWd3R5bGZ2T0dXWjJhNUYrQWJsWStMUng4UDhsM3hTeU5xOXc4WCtWM2drUCthZFZWOXVtejkxcHplREg4dWNUZ3U3U3c9PSIsIm1hYyI6IjJjMWU5OGMzNTBkMjI4MDc0MThiNDJmZGZkNTM3MjQ1NTNlNjM3ZDhiYTQ1MjAzY2Q1MDQwMzM3YzU1NzAzMDIifQ%3D%3D; expires=Thu, 02-Feb-2023 19:10:52 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InR2YnBkNFM2QUphK3dQXC9sd0s4SHRnPT0iLCJ2YWx1ZSI6InVzemFISDA2V1JwTXY1WmtVUXNcL2tlWGM4VVwvSnE2WUhDSWtVS2lYMXBWM3pRaDIzMGpoancxemNyTWJFbzJLN0Z5RFJ0NFY1QWNtSWNXTVBDY1pWK3c9PSIsIm1hYyI6ImI1ZGM1Zjc4ODJkMDc0ZTYyMDcwNGUwYWY3OGRiZTM0MWNkYjNmNzJkMjBjMjI1NjA3MDk0ZmUyMzdkNGJmY2IifQ%3D%3D; expires=Thu, 02-Feb-2023 19:10:52 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-visa.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-visa.svg
IP 104.26.2.88:0
GET /svg/card-visa.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-1288"
expires: Thu, 02 Feb 2023 14:11:11 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 989E:10B0C:247D5DC:2600168:63C6BB35
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673968439.465491,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 336c2bd8bcf240dc9a726aeafef6bb7dff4f5761
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2IM%2BkAAjHmlkDnkMs0JDFJVJkHS%2FOxFTpJ6%2B%2FmHQTXcy%2BKrx7DZ4dEynEBAm%2BqTkEXFG63%2BQr9oD7YSDzy1LaxnFqakig%2FEEucJLSfyXysNLi2vR3QpGBNnVWtdXEWi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dc00b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-aura.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-aura.svg
IP 104.26.2.88:0
GET /svg/card-aura.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-111a"
expires: Thu, 02 Feb 2023 14:55:05 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: F150:2BEE:EA6F2:F095D:63C6BB35
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673968439.468439,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: e139396ceb1abda32d5508df1788c8fce89fdc34
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UZcaK0uxzPi1td2F%2FLTZqbXFNp2vhC0cpi4PCDU4ufxi0IwaVM0y%2Bz4WmI49JQ9gcerQ8Tp0P4nGLd1%2FdlrTwBfDPfIgO%2FR7QlJo3sHx39EOdR9sXhmiWiHhCVjKSn%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433179dd20b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3285671.js?sv=6
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-3285671.js?sv=6
IP 54.230.111.113:0
GET /c/hotjar-3285671.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 02 Feb 2023 16:10:55 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/d5a3287081671152fa26e25643399880
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G7UEeqtj3QKoCI46heY9jlCSYCDDAUlsvtcnBOgA59Wpf9jUpkI1QQ==
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5
104.26.2.88200 OK 0 B URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5
IP 104.26.2.88:0
GET /checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: text/css
x-amz-id-2: j/S4cRK7h2RJJ8oPBInTkUyHWMs2uLy5Y2k2gv7J5HVqK6+oYOtQiL9kw5ONDjsNoD1SA2PVHdI=
x-amz-request-id: CW5G8BWSRMPMAXS4
last-modified: Tue, 17 Jan 2023 17:16:35 GMT
x-amz-version-id: 6DNQN8Tr5zNrG9AbFAdSPatqVsIP8Y4C
etag: W/"0f68d2669d40348ccb7bc9a9d17328f5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYotLoBEmt7ssssRT3otqpHIzLhuJhdmEA%2FRXa6gIKW2%2B%2B%2FSx6ozhlYaW5cWye8qJsM%2Ftu4nhCrHxY3ckuRIpZBNnMg2q3bZUs%2FUFvrvENF7%2BZ%2FXlpND61MTKu%2BW0tLXnQ%2BRlVDc%2FoU6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793433178dbb0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-amex.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-amex.svg
IP 104.26.2.88:0
GET /svg/card-amex.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-5f3"
expires: Thu, 02 Feb 2023 14:55:02 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-github-request-id: E5BE:F1F7:4A7A3A:4D84CB:63C6BB35
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673968439.472029,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 885dd153a9bf2debead287bf6f1fe50ea617bdd3
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hr09omxEyUUci3UcQt%2B5aE17ZyR87EuSngOSaeEhB7C27GUmce3BEoZqa0xBv1q4O0pOMKOluCAxS6KOvYDTigx%2FcgWojxiY09loymepTPU5am%2Bb8YP9YEAbojMy3e1U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dbe0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-elo.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-elo.svg
IP 104.26.2.88:0
GET /svg/card-elo.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-c43"
expires: Thu, 02 Feb 2023 14:11:56 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: EB8A:6AD9:675F81:84E3C6:63C894F2
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674102168.614481,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 2eadcbaf8f49bf13daf3b16c3e01dde6e205a004
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSHtJnwU0j%2BG5RTyxoTiodvVd4wFSbWGWvz5oj9VRj%2BYwjTuyQOoCfHflQmqrdBD88Py595tLmPN%2FdCeWXbPUIOHpBcW0po1%2Fu8img7jkImwBFbdfaR9qx9ERCbA3c8L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dc30b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.dooki.com.br/fa/4.7.0/fa.css
104.18.0.53200 OK 0 B URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.css
IP 104.18.0.53:0
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
expires: Fri, 10 Feb 2023 16:10:54 GMT
cache-control: public, max-age=691200
set-cookie: __cf_bm=ahJLVqIxM0r_2QS64o889r6b6mvDFvzBjESmKvxU0rw-1675354254-0-AT11Urj4tJyK3Sz+28pdBkyKY/EXCZ4Copc8V2jxE3IfHHrtPeVfi59xZ1BE7iLaDE5HBI16cm3SvG8wzQJng3w=; path=/; expires=Thu, 02-Feb-23 16:40:54 GMT; domain=.dooki.com.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 79343318dde1b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.yampi.me/jquery/jquery.js
104.26.2.88200 OK 0 B URL HTTP/2 cdn.yampi.me/jquery/jquery.js
IP 104.26.2.88:0
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: application/javascript
x-amz-id-2: cvnt6Bg7zbti5Bm8Lp0rAGY7y345bRB4T32MulxMxGJI1GHuapNQjUTBRTBFSQUT3nXc9o650NA=
x-amz-request-id: TP7GXVJKXZ65D2ZZ
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4906
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAzsjwZZC%2BtqLeimh1lgIGWmOzRp2%2Fe88LNnQwZfzJDMfDA1WHZAjeL1J0YKvsLHJZ%2FHaQyj8QrCh%2F0%2Bhd4s%2B6jhxKUIdioMnf0Mf9OQKSk8bZr%2B1Dg%2F592XTSoWEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793433179ddc0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-hipercard.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-hipercard.svg
IP 104.26.2.88:0
GET /svg/card-hipercard.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-54bc"
expires: Thu, 02 Feb 2023 14:51:41 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 4586:F1F7:4A7A49:4D84DD:63C6BB35
via: 1.1 varnish
x-served-by: cache-bma1632-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673968439.470423,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 4fd3153f3cd85e208bdc9099ceb27cda21214080
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEYvyN1YJhtG12o8n8%2Fdgn2Ox5pdJBaQp2nQAn6YcKBzuBYkl%2B%2BTPz%2F8DoQ1LVqKgwAttB%2F6d8szpCjS7LHA6vmeE%2Bjv8g6t7yOSuq%2FBYtZJVsnBZNLxHbPaT2HpTpRN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dbc0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-diners.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-diners.svg
IP 104.26.2.88:0
GET /svg/card-diners.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-99b"
expires: Thu, 02 Feb 2023 14:55:03 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-github-request-id: 2936:C143:FB22BA:104BC39:63C6BB35
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673968439.475361,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 736436b4a854b591ca41e475ddd23c435b9debbf
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiD9%2BgmjpsCwejXPdGvsbqqgpchqHEXc%2FK%2BKDyTbel4slQC0MdYdRYuFbtl%2F3uAz5i%2F1AXNmtI3k%2BoD8XIcczk%2Fp8b691VRZQ9bkB6ukOE5XbrKOCC%2Fy2lNtF%2FoPS7CJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dc10b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-pix.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-pix.svg
IP 104.26.2.88:0
GET /svg/card-pix.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-a56"
expires: Thu, 02 Feb 2023 14:39:40 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 0F52:F1F7:4A7A4D:4D84E1:63C6BB35
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673968439.474399,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: a97fe237c004f95472188b3dd11a6d79b2067398
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmooSuoQmsgr9y%2BRYOpv9h%2FO%2BWmOAoYUSGetPnjSfpr1xymTdXnGiBzDBUwrFcJC4XIcYwUVh%2BzagI%2BsrgchBH%2Fl8u4KOZtTJ4oqxRmD3z8EtP5i38yN5nBEgNIbid4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dc50b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icons.yampi.me/svg/card-discover.svg
104.26.2.88200 OK 0 B URL HTTP/2 icons.yampi.me/svg/card-discover.svg
IP 104.26.2.88:0
GET /svg/card-discover.svg HTTP/1.1
Host: icons.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.king-ofertas.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:10:54 GMT
content-type: image/svg+xml
last-modified: Tue, 17 Jan 2023 15:01:00 GMT
access-control-allow-origin: *
etag: W/"63c6b82c-f89"
expires: Thu, 02 Feb 2023 14:55:04 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
x-github-request-id: AFE6:5BDE:74C8EE:9E4788:63C8D2A3
via: 1.1 varnish
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674106789.785907,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: 40f17afb8ce7da67f8de1ee6772367023c4d5ae2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1q5eE02MPYiGIPGno1%2F8tunlKlv37n9%2BwQEsZqFPbLWzfPS3POWEBkHpkEopXr1IGBah4b59%2BrXMDRnPjNlK1E2cqoKR%2BVZ3F5qP0hAc%2FSBNAuqoGC62QXxhYeTexkL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793433178dc80b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2